First published: Wed Sep 09 2020(Updated: )
Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Nicobar | ||
Qualcomm Qcs405 Firmware | ||
Qualcomm Qcs405 | ||
Google Android | ||
Google Android | ||
Qualcomm Sc8180x Firmware | ||
Qualcomm Sc8180x | ||
Qualcomm Sdx55 Firmware | ||
Qualcomm Sdx55 | ||
Qualcomm Sm8150 Firmware | ||
Qualcomm Sm8150 | ||
Qualcomm Sm8250 Firmware | ||
Qualcomm SM8250 | ||
Qualcomm Sxr2130 Firmware | ||
Qualcomm Sxr2130 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-3674 is a vulnerability in Qualcomm Snapdragon devices that allows information to leak into userspace due to improper transfer of data from kernel to userspace.
Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, and Sxr2130 are affected by CVE-2020-3674.
The severity of CVE-2020-3674 is medium with a CVSS score of 5.5.
The vulnerability CVE-2020-3674 can be exploited by an attacker to obtain sensitive information from the kernel and transfer it to userspace.
You can find more information about CVE-2020-3674 on the Qualcomm Product Security Bulletins website: https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin.