CVE-2020-3640

HIGH

Snapdragon Compute/Snapdragon Consumer IOT/Snapdragon Mobile/Snapdr...

Title source: llm

Description

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

References (2)

[Broken Link] https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Scores

CVSS v3 7.8

EPSS 0.0009

EPSS Percentile 26.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-131

Status published

Products (12)

qualcomm/bitra_firmware

qualcomm/kamorta_firmware

qualcomm/qcs404_firmware

qualcomm/qcs610_firmware

qualcomm/rennell_firmware

qualcomm/saipan_firmware

qualcomm/sc7180_firmware

qualcomm/sdx55_firmware

qualcomm/sm6150_firmware

qualcomm/sm7150_firmware

... and 2 more

Published Sep 08, 2020

Tracked Since Feb 18, 2026