CVE-2020-3616

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions APQ8017 through SM8150

Description A buffer overflow issue exists in the display function due to a memory copy without checking the length of the size using the strcpy function. This issue affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables.

Recommendations For Qualcomm Snapdragon versions APQ8017 through SM8150, consider disabling the vulnerable display function until a patch is available. Restrict access to the display module to minimize the risk of exploitation. Avoid using the strcpy function in the affected display function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.