CVE-2020-3629

Summary

u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, Kamorta, Rennell, SC7180, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesBitra, Kamorta, Rennell, SC7180, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130affected

Weaknesses

  • Buffer Copy Without Checking Size of input in DSP Services

ADP Enrichment

CVE Program Container

Additional References

References