How severe is CVE-2020-3640?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2020-3640?

This is classified as CWE-131, which is a common weakness in software security.

CVE-2020-3640 - HIGH Severity | CVSS 7.8

Vulnerability Description

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Related Vulnerabilities

CVE-2002-0184

HIGH

CVSS:7.8(High)

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, wh...

CWE-1312002

CVE-2004-0747

HIGH

CVSS:7.8(High)

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

CWE-1312004

CVE-2004-0940

HIGH

CVSS:7.8(High)

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents ...

CWE-1312004

CVE-2017-13289

HIGH

CVSS:7.8(High)

In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch. This could lead to a local escalation of privileges where the user can start an act...

CWE-1312017

CVE-2017-13315

HIGH

CVSS:7.8(High)

In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activi...

CWE-1312017

CVE-2019-14078

HIGH

CVSS:7.8(High)

Out of bound memory access while processing qpay due to not validating length of the response buffer provided by User. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Indus...

CWE-1312019