CVE-2020-3629

HIGH

Snapdragon Auto - Buffer Overflow

Title source: llm

Description

u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, Kamorta, Rennell, SC7180, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

References (2)

Core 2

Core References

Broken Link x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 12.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (10)

qualcomm/bitra_firmware

qualcomm/kamorta_firmware

qualcomm/rennell_firmware

qualcomm/sc7180_firmware

qualcomm/sdm845_firmware

qualcomm/sm6150_firmware

qualcomm/sm7150_firmware

qualcomm/sm8150_firmware

qualcomm/sm8250_firmware

qualcomm/sxr2130_firmware

Published Sep 08, 2020

Tracked Since Feb 18, 2026