Description
u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin
Scores
CVSS v3
7.1
EPSS
0.0003
EPSS Percentile
9.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
CWE-20
Status
published
Products (16)
qualcomm/kamorta_firmware
qualcomm/nicobar_firmware
qualcomm/qcs605_firmware
qualcomm/qcs610_firmware
qualcomm/rennell_firmware
qualcomm/sc7180_firmware
qualcomm/sda660_firmware
qualcomm/sdm630_firmware
qualcomm/sdm636_firmware
qualcomm/sdm660_firmware
... and 6 more
Published
Sep 09, 2020
Tracked Since
Feb 18, 2026