CVE-2020-3704: Input Validation
First published: Mon Oct 05 2020(Updated: )
u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent to InvalidConnectionRequest(CVE-2019-19193) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, AR9344, Bitra, IPQ5018, Kamorta, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA9377, QCA9886, QCM6125, QCN7605, QCS404, QCS405, QCS605, QCS610, QRB5165, Rennell, SA415M, SA515M, Saipan, SC7180, SC8180X, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm Agatti Firmware | ||
| Qualcomm Agatti Firmware | ||
| Qualcomm APQ8009W Firmware | ||
| Qualcomm APQ8009 Firmware | ||
| Qualcomm APQ8017 | ||
| Qualcomm APQ8017 | ||
| Qualcomm APQ8053 | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm AR9344 | ||
| Qualcomm AR9344 Firmware | ||
| Qualcomm Bitra | ||
| Qualcomm Bitra Firmware | ||
| Qualcomm IPQ5018 Firmware | ||
| Qualcomm IPQ5018 Firmware | ||
| Qualcomm Kamorta | ||
| qualcomm Kamorta firmware | ||
| Qualcomm MD9607 Firmware | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm MDM9640 Firmware | ||
| Qualcomm MDM9640 Firmware | ||
| Qualcomm MDM9650 | ||
| Qualcomm MDM9650 firmware | ||
| qualcomm MSM8996AU firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm Nicobar | ||
| Qualcomm Nicobar | ||
| Qualcomm QCA6174A Firmware | ||
| Qualcomm QCA6174A Firmware | ||
| Qualcomm QCA6390 Firmware | ||
| Qualcomm QCA6390 Firmware | ||
| Qualcomm QCA6574 Firmware | ||
| Qualcomm QCA6574AU | ||
| Qualcomm QCA9377 Firmware | ||
| Qualcomm QCA9377 Firmware | ||
| Qualcomm QCA9886 Firmware | ||
| Qualcomm QCA9886 Firmware | ||
| Qualcomm QCM6125 Firmware | ||
| Qualcomm QCM6125 Firmware | ||
| Qualcomm QCN7605 Firmware | ||
| Qualcomm QCN7605 Firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS605 | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm QCS610 Firmware | ||
| Qualcomm QCS610 Firmware | ||
| Qualcomm QRB5165N Firmware | ||
| Qualcomm QRB5165 Firmware | ||
| Qualcomm Rennell Firmware | ||
| Qualcomm Rennell Firmware | ||
| Qualcomm SA415M Firmware | ||
| Qualcomm SA415M Firmware | ||
| Qualcomm SA515M Firmware | ||
| Qualcomm SA515M Firmware | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm SC7180P Firmware | ||
| Qualcomm SC7180P Firmware | ||
| qualcomm SC8180X firmware | ||
| Qualcomm SC8180X | ||
| Qualcomm SD 845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SD660 Firmware | ||
| Qualcomm Snapdragon 660 | ||
| Qualcomm SD 670 Firmware | ||
| Qualcomm SDM670 Firmware | ||
| Qualcomm SD 710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm SDA/SDM845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm Snapdragon 850 Firmware | ||
| Qualcomm SD850 | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm SDX24 | ||
| Qualcomm SDX24 | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55 Firmware | ||
| Qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150P firmware | ||
| qualcomm SM7150 firmware | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SM8250 | ||
| qualcomm SM8250 firmware | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware | ||
| Qualcomm SXR2130P Firmware | ||
| Qualcomm SXR2130 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://source.android.com/docs/security/bulletin/2020-10-01/#asterisk
- https://source.android.com/docs/security/bulletin/2020-10-01 (Advisory)
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin
Frequently Asked Questions
What is the severity of CVE-2020-3704?
CVE-2020-3704 is classified as a moderate severity vulnerability due to its potential to cause a deadlock state in affected systems.
How do I fix CVE-2020-3704?
To mitigate CVE-2020-3704, users should apply available updates and patches from their device manufacturers.
Which devices are affected by CVE-2020-3704?
CVE-2020-3704 affects various Qualcomm platforms including certain Android devices with Snapdragon processors.
What is the impact of CVE-2020-3704 on my device?
CVE-2020-3704 can cause affected devices to enter a deadlock state, potentially leading to service disruption.
Is there a workaround for CVE-2020-3704?
Currently, the recommended solution for CVE-2020-3704 is to apply security patches as there are no specific workarounds.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/description
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/event
- agent/last-modified-date
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm agatti firmware
- canonical/qualcomm apq8009w firmware
- canonical/qualcomm apq8009 firmware
- canonical/qualcomm apq8017
- canonical/qualcomm apq8053
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm ar9344
- canonical/qualcomm ar9344 firmware
- canonical/qualcomm bitra
- canonical/qualcomm bitra firmware
- canonical/qualcomm ipq5018 firmware
- canonical/qualcomm kamorta
- canonical/qualcomm kamorta firmware
- canonical/qualcomm md9607 firmware
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9640 firmware
- canonical/qualcomm mdm9650
- canonical/qualcomm mdm9650 firmware
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm nicobar
- canonical/qualcomm qca6174a firmware
- canonical/qualcomm qca6390 firmware
- canonical/qualcomm qca6574 firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm qca9377 firmware
- canonical/qualcomm qca9886 firmware
- canonical/qualcomm qcm6125 firmware
- canonical/qualcomm qcn7605 firmware
- canonical/qualcomm qcs404 firmware
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs605
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm qcs610 firmware
- canonical/qualcomm qrb5165n firmware
- canonical/qualcomm qrb5165 firmware
- canonical/qualcomm rennell firmware
- canonical/qualcomm sa415m firmware
- canonical/qualcomm sa515m firmware
- canonical/qualcomm saipan firmware
- canonical/qualcomm sc7180p firmware
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sd 845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sd660 firmware
- canonical/qualcomm snapdragon 660
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sd 710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm sda/sdm845 firmware
- canonical/qualcomm snapdragon 850 firmware
- canonical/qualcomm sd850
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sdx24
- canonical/qualcomm sdx55m firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150p firmware
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sm8250
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130 firmware