CVE-2020-3615

CRITICAL Year: 2020
CVSS v3 Score
9.8
Critical
CVSS v2 Score
7.5
High
Weakness Type
CWE-617
View all →

Vulnerability Description

Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8009, APQ8053, APQ8096AU, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SC8180X, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

Related Vulnerabilities

CVE-2019-9795

CRITICAL
CVSS:9.8(Critical)

A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affec...

CWE-6172019

CVE-2020-12417

HIGH
CVSS:8.8(High)

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects ...

CWE-6172020

CVE-2020-6617

HIGH
CVSS:8.8(High)

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.

CWE-6172020

CVE-2020-6619

HIGH
CVSS:8.8(High)

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.

CWE-6172020

CVE-2020-6623

HIGH
CVSS:8.8(High)

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.

CWE-6172020

CVE-2023-37015

HIGH
CVSS:8.6(High)

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `Path Switch Request` message missing a ...

CWE-6172023