Description
Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2130
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Scores
CVSS v3
9.8
EPSS
0.0036
EPSS Percentile
57.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (8)
qualcomm/nicobar_firmware
qualcomm/sdm670_firmware
qualcomm/sdm710_firmware
qualcomm/sdm845_firmware
qualcomm/sm6150_firmware
qualcomm/sm8150_firmware
qualcomm/sm8250_firmware
qualcomm/sxr2130_firmware
Published
Jan 21, 2020
Tracked Since
Feb 18, 2026