← Back

CVE-2020-3671

nvd nist
Published: Jul 30, 2020Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, Nicobar, QCM2150, QCS405, Saipan, SDM845, SM8150, SM8250, SXR2130

Affected (9)

Qualcomm
9 products
Apq8009 Firmware
Nicobar Firmware
Qcm2150 Firmware
Qcs405 Firmware
Saipan Firmware
Sdm845 Firmware
Sm8150 Firmware
Sm8250 Firmware
Sxr2130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8009 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8009
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nicobar Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Nicobar
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcm2150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcm2150
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs405 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs405
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Saipan Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Saipan
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm845 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm845
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8250 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8250
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr2130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr2130
All versions

Related CWEs

CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (3)

Source: product-security@qualcomm.com
Broken Link
Source: nvd@nist.gov
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.