CVE-2020-3617

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified) in various chipsets including Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130

Description The issue is related to a buffer over-read in the Q6 testbus framework. This occurs because the diag packet length is not fully validated before the field is accessed, leading to information disclosure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.