CVE-2020-3696: Use After Free
First published: Mon Nov 02 2020(Updated: )
u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm apq8009 firmware | ||
| Qualcomm apq8009 | ||
| Qualcomm apq8017 firmware | ||
| Qualcomm apq8017 | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm apq8096au firmware | ||
| Qualcomm apq8096au | ||
| qualcomm APQ8098 firmware | ||
| qualcomm APQ8098 | ||
| Qualcomm IPQ4019 | ||
| Qualcomm IPQ4019 Firmware | ||
| qualcomm ipq6018 firmware | ||
| qualcomm ipq6018 | ||
| Qualcomm IPQ8064 | ||
| qualcomm IPQ8064 firmware | ||
| qualcomm ipq8074 firmware | ||
| qualcomm IPQ8074 | ||
| Qualcomm MDM9206 firmware | ||
| Qualcomm MDM9206 | ||
| qualcomm MDM9207C firmware | ||
| qualcomm MDM9207C | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm MDM9607 | ||
| qualcomm MSM8905 firmware | ||
| qualcomm MSM8905 | ||
| Qualcomm MSM8909W | ||
| Qualcomm MSM8909W | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| qualcomm QCA4531 firmware | ||
| qualcomm QCA4531 | ||
| qualcomm qca6574au firmware | ||
| qualcomm qca6574au | ||
| Qualcomm QCA9531 | ||
| Qualcomm QCA9531 | ||
| qualcomm QCM2150 firmware | ||
| qualcomm QCM2150 | ||
| Qualcomm QCS605 firmware | ||
| Qualcomm QCS605 | ||
| qualcomm SDM429W firmware | ||
| qualcomm SDM429W | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm sdx24 firmware | ||
| Qualcomm sdx24 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-3696?
CVE-2020-3696 is a vulnerability that allows for use after free while installing new security rules in ipcrtr even when the old rule is deleted.
Which Qualcomm products are affected by CVE-2020-3696?
Qualcomm Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, and some firmware versions of Google Android and Qualcomm chipsets are affected.
What is the severity of CVE-2020-3696?
The severity of CVE-2020-3696 is high, with a severity value of 7.8.
How can I fix CVE-2020-3696?
To fix CVE-2020-3696, it is recommended to apply the necessary security patches provided by Qualcomm.
Where can I find more information about CVE-2020-3696?
You can find more information about CVE-2020-3696 in the October 2020 security bulletin published by Qualcomm.
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/qualcomm
- canonical/qualcomm apq8009 firmware
- canonical/qualcomm apq8009
- canonical/qualcomm apq8017 firmware
- canonical/qualcomm apq8017
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm apq8096au firmware
- canonical/qualcomm apq8096au
- canonical/qualcomm apq8098 firmware
- canonical/qualcomm apq8098
- canonical/qualcomm ipq4019
- canonical/qualcomm ipq4019 firmware
- canonical/qualcomm ipq6018 firmware
- canonical/qualcomm ipq6018
- canonical/qualcomm ipq8064
- canonical/qualcomm ipq8064 firmware
- canonical/qualcomm ipq8074 firmware
- canonical/qualcomm ipq8074
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9207c firmware
- canonical/qualcomm mdm9207c
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9607
- canonical/qualcomm msm8905 firmware
- canonical/qualcomm msm8905
- canonical/qualcomm msm8909w
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm qca4531 firmware
- canonical/qualcomm qca4531
- canonical/qualcomm qca6574au firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm qca9531
- canonical/qualcomm qcm2150 firmware
- canonical/qualcomm qcm2150
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm qcs605
- canonical/qualcomm sdm429w firmware
- canonical/qualcomm sdm429w
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sdx24 firmware
- canonical/qualcomm sdx24