CVE-2020-3656 - Qualcomm Msm8917 Firmware, Qualcomm Rennell Firmware and Qualcomm Qcs605 Firmware
Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Affected software
Qualcomm Msm8917 Firmware
Qualcomm Rennell Firmware
Qualcomm Qcs605 Firmware
Qualcomm Saipan Firmware
Qualcomm Sdm450 Firmware
Qualcomm Sdm429w Firmware
Qualcomm Sc8180x Firmware
Qualcomm Sdm439 Firmware
Qualcomm Sdm429 Firmware
Qualcomm Sm8250 Firmware
Qualcomm Sm8150 Firmware
Qualcomm Sdx55 Firmware
Qualcomm Qcm2150 Firmware
Qualcomm Sm7150 Firmware
Qualcomm Apq8009 Firmware
Qualcomm Nicobar Firmware
Qualcomm Sdm710 Firmware
Qualcomm Sm6150 Firmware
Qualcomm Qm215 Firmware
Qualcomm Sa6155p Firmware
Qualcomm Sxr2130 Firmware
Qualcomm Sa8155p Firmware
Qualcomm Sdm632 Firmware
Qualcomm Kamorta Firmware
Qualcomm Sdm845 Firmware
Qualcomm Mdm9607 Firmware
Qualcomm Msm8953 Firmware
Qualcomm Qcs405 Firmware