First published: Wed Sep 09 2020(Updated: )
u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, Nicobar, QCS404, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Nicobar | ||
Qualcomm Qcs404 Firmware | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Rennell Firmware | ||
Google Android | ||
Google Android | ||
Qualcomm Sa6155p | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Sc8180x Firmware | ||
Qualcomm Sc8180x | ||
Qualcomm Sdx55 Firmware | ||
Qualcomm Sdx55 | ||
Google Android | ||
Qualcomm Sm6150 | ||
Google Android | ||
Google Android | ||
Qualcomm Sm8150 Firmware | ||
Qualcomm Sm8150 | ||
Qualcomm Sm8250 Firmware | ||
Qualcomm SM8250 | ||
Qualcomm Sxr2130 Firmware | ||
Qualcomm Sxr2130 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2020-3679.
The severity of CVE-2020-3679 is medium with a severity value of 5.5.
The software affected by CVE-2020-3679 includes Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, and more.
CVE-2020-3679 allows part of the code to be still mapped at a known address, even after Address Space Layout Randomization (ASLR) is turned on for QTEE.
Yes, Qualcomm Bitra Firmware is vulnerable to CVE-2020-3679.