Vulnerabilities > CVE-2020-3647 - Out-of-bounds Write vulnerability in Qualcomm products

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

qualcomm

CWE-787

NVD

Published: 2020-09-08

Updated: 2020-09-11

Summary

u'Potential buffer overflow when accessing npu debugfs node "off"/"log" with large buffer size' in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, SC8180X, SDX55, SM6150, SM7150, SM8150

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Mdm9607 Firmware - Qualcomm Qcs405 Firmware - Qualcomm Sc8180X Firmware - Qualcomm Sdx55 Firmware - Qualcomm Sm6150 Firmware - Qualcomm Sm7150 Firmware - Qualcomm Sm8150 Firmware -	7
Hardware	Qualcomm Qualcomm Mdm9607 - Qualcomm Qcs405 - Qualcomm Sc8180X - Qualcomm Sdx55 - Qualcomm Sm6150 - Qualcomm Sm7150 - Qualcomm Sm8150 -	7

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References