CVE-2020-3696

Name of the Vulnerable Software and Affected Versions Snapdragon Auto (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) Snapdragon Wearables (affected versions not specified) Snapdragon Wired Infrastructure and Networking (affected versions not specified) APQ8009 (affected versions not specified) APQ8017 (affected versions not specified) APQ8053 (affected versions not specified) APQ8096AU (affected versions not specified) APQ8098 (affected versions not specified) IPQ4019 (affected versions not specified) IPQ6018 (affected versions not specified) IPQ8064 (affected versions not specified) IPQ8074 (affected versions not specified) MDM9206 (affected versions not specified) MDM9207C (affected versions not specified) MDM9607 (affected versions not specified) MSM8905 (affected versions not specified) MSM8909W (affected versions not specified) MSM8996AU (affected versions not specified) QCA4531 (affected versions not specified) QCA6574AU (affected versions not specified) QCA9531 (affected versions not specified) QCM2150 (affected versions not specified) QCS605 (affected versions not specified) SDM429W (affected versions not specified) SDX20 (affected versions not specified) SDX24 (affected versions not specified)

Description The issue is related to a use after free error that occurs while installing a new security rule in ipcrtr. This happens because the old rule is deleted, but it could still be in use for checking security permissions for a particular process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.