Vulnerabilities > CVE-2020-3618 - Use After Free vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-416

NVD

Published: 2020-06-02

Updated: 2020-06-02

Summary

NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC8180X, SXR2130

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Qca8081 Firmware - Qualcomm Sc8180X Firmware - Qualcomm Ipq6018 Firmware - Qualcomm Ipq8074 Firmware - Qualcomm Sxr2130 Firmware -	5
Hardware	Qualcomm Qualcomm Qca8081 - Qualcomm Sc8180X - Qualcomm Ipq6018 - Qualcomm Ipq8074 - Qualcomm Sxr2130 -	5

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin