CVE-2020-3685

HIGH

Snapdragon - Memory Corruption

Title source: llm

Description

Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

References (2)

[Broken Link] https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Scores

CVSS v3 7.5

EPSS 0.0021

EPSS Percentile 43.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-415

Status published

Affected Products (50)

qualcomm/apq8009

qualcomm/apq8009w

qualcomm/apq8017

qualcomm/apq8030

qualcomm/apq8037

qualcomm/apq8052

qualcomm/apq8053

qualcomm/apq8056

qualcomm/apq8060a

qualcomm/apq8062

qualcomm/apq8064

qualcomm/apq8064au

qualcomm/apq8076

qualcomm/apq8084

qualcomm/apq8096au

... and 35 more

Timeline

Published Jan 21, 2021

Tracked Since Feb 18, 2026