Description
String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
10.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (10)
qualcomm/mdm9607_firmware
qualcomm/nicobar_firmware
qualcomm/rennell_firmware
qualcomm/sa6155p_firmware
qualcomm/sdx55_firmware
qualcomm/sm6150_firmware
qualcomm/sm7150_firmware
qualcomm/sm8150_firmware
qualcomm/sm8250_firmware
qualcomm/sxr2130_firmware
Published
Jan 21, 2020
Tracked Since
Feb 18, 2026