CVE-2020-3625 - OpenCVE

When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Qualcomm	Sm8250 Firmware Sxr2130 Sm8250 Sxr2130 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2020-06-02T15:05:46

Updated: 2020-06-02T15:05:46

Reserved: 2019-12-17T00:00:00

Link: CVE-2020-3625

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-02T15:15:13.853

Modified: 2020-06-03T19:41:34.073

Link: CVE-2020-3625

JSON object: View

Redhat Information

No data.

CWE

CWE-120

{"containers": {"cna": {"affected": [{"product": "Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "SM8250, SXR2130"}]}], "descriptions": [{"lang": "en", "value": "When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130"}], "problemTypes": [{"descriptions": [{"description": "Buffer Copy Without Checking Size of Input in DSP Services", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-02T15:05:46", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2020-3625", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile", "version": {"version_data": [{"version_value": "SM8250, SXR2130"}]}}]}, "vendor_name": "Qualcomm, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer Copy Without Checking Size of Input in DSP Services"}]}]}, "references": {"reference_data": [{"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"}]}}}}, "cveMetadata": {"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2020-3625", "datePublished": "2020-06-02T15:05:46", "dateReserved": "2019-12-17T00:00:00", "dateUpdated": "2020-06-02T15:05:46", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC730C6-FB32-4566-AAE2-B2B261BA9411", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A432773-467F-492C-AA3A-ADF08A21FB3F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130"}, {"lang": "es", "value": "Cuando se realiza una consulta de las capacidades DSP, una Pila fuera de l\u00edmites se produce debido a una longitud de b\u00fafer incorrecta configurada para los atributos DSP en los productos Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile en las versiones SM8250, SXR2130"}], "id": "CVE-2020-3625", "lastModified": "2020-06-03T19:41:34.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-02T15:15:13.853", "references": [{"source": "product-security@qualcomm.com", "tags": ["Vendor Advisory"], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}