CVE-2020-3617 - Qualcomm Sm7150 Firmware, Qualcomm Sdm630 Firmware and Qualcomm Sda660 Firmware

September 9, 2020

Critical 7.1

u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130

Affected software

Qualcomm Sm7150 Firmware

Qualcomm Sdm630 Firmware

Qualcomm Sda660 Firmware

Qualcomm Sdm660 Firmware

Qualcomm Nicobar Firmware

Qualcomm Rennell Firmware

Qualcomm Sdm710 Firmware

Qualcomm Qcs605 Firmware

Qualcomm Sm6150 Firmware

Qualcomm Sxr1130 Firmware

Qualcomm Sc7180 Firmware

Qualcomm Sdm636 Firmware

Qualcomm Kamorta Firmware

Qualcomm Sdm670 Firmware

Qualcomm Qcs610 Firmware

Qualcomm Sm8150 Firmware

Reference links

https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin

CVE-2020-3617 - Qualcomm Sm7150 Firmware, Qualcomm Sdm630 Firmware and Qualcomm Sda660 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software