Description
Null pointer dereference issue in radio interface layer due to lack of null check in sapmodule destructor in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS605, Rennell, Saipan, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR2130
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
12.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (22)
qualcomm/mdm9607_firmware
qualcomm/msm8917_firmware
qualcomm/msm8920_firmware
qualcomm/msm8937_firmware
qualcomm/msm8940_firmware
qualcomm/msm8953_firmware
qualcomm/msm8998_firmware
qualcomm/nicobar_firmware
qualcomm/qcs605_firmware
qualcomm/rennell_firmware
... and 12 more
Published
Apr 16, 2020
Tracked Since
Feb 18, 2026