CVE-2020-3635

HIGH

Stack based overflow - Buffer Overflow

Title source: llm

Description

Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

References (2)

[Broken Link] https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 12.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-787

Status published

Affected Products (34)

qualcomm/apq8053_firmware

qualcomm/apq8096au_firmware

qualcomm/apq8098_firmware

qualcomm/msm8909w_firmware

qualcomm/msm8917_firmware

qualcomm/msm8920_firmware

qualcomm/msm8937_firmware

qualcomm/msm8940_firmware

qualcomm/msm8953_firmware

qualcomm/msm8996au_firmware

qualcomm/msm8998_firmware

qualcomm/nicobar_firmware

qualcomm/qcm2150_firmware

qualcomm/qcs605_firmware

qualcomm/qm215_firmware

... and 19 more

Timeline

Published Jun 22, 2020

Tracked Since Feb 18, 2026