CVE-2020-3646: Buffer Overflow
First published: Tue Sep 08 2020(Updated: )
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDA845, SDM429W, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Qcm2150 Firmware | ||
| Google Android | ||
| Qualcomm Qcs405 Firmware | ||
| Google Android | ||
| Qualcomm Qcs605 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sc8180x Firmware | ||
| Qualcomm Sc8180x | ||
| Qualcomm Sda845 Firmware | ||
| Qualcomm Sda845 | ||
| Qualcomm Sdm429w Firmware | ||
| Qualcomm Sdm429w | ||
| Qualcomm Sdx24 Firmware | ||
| Google Android | ||
| Qualcomm Sdx55 Firmware | ||
| Qualcomm Sdx55 | ||
| Google Android | ||
| Qualcomm Sm6150 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sm8150 Firmware | ||
| Qualcomm Sm8150 | ||
| Qualcomm Sm8250 Firmware | ||
| Qualcomm SM8250 | ||
| Qualcomm Sxr2130 Firmware | ||
| Qualcomm Sxr2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this buffer overflow vulnerability?
The vulnerability ID for this buffer overflow vulnerability is CVE-2020-3646.
What software is affected by CVE-2020-3646?
This vulnerability affects Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605.
What is the severity rating for CVE-2020-3646?
CVE-2020-3646 has a severity rating of 7.8 (high).
What is the vulnerability description for CVE-2020-3646?
The vulnerability is related to a buffer overflow in the video application where the destination buffer size is smaller than the source buffer size.
Are there any references for CVE-2020-3646?
Yes, the references for CVE-2020-3646 can be found at the following links: [Link 1](https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin), [Link 2](https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin).
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/remedy
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm qcm2150 firmware
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sda845 firmware
- canonical/qualcomm sda845
- canonical/qualcomm sdm429w firmware
- canonical/qualcomm sdm429w
- canonical/qualcomm sdx24 firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sdx55
- canonical/qualcomm sm6150
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sm8150
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sm8250
- canonical/qualcomm sxr2130 firmware
- canonical/qualcomm sxr2130