CVE-2020-3702

Summary

CVE	CVE-2020-3702
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2020-09-08 10:15:00 UTC
Updated	2022-01-06 14:19:00 UTC
Description	u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150

Risk And Classification

Problem Types: CWE-319

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Arista	Access Point	All	All	All	All
Hardware	Arista	Av2	-	All	All	All
Hardware	Arista	C-75	-	All	All	All
Hardware	Arista	C75-e	-	All	All	All
Hardware	Arista	O-90	-	All	All	All
Hardware	Arista	O90e	-	All	All	All
Hardware	Arista	W-68	-	All	All	All
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Hardware	Qualcomm	Apq8053	-	All	All	All
Hardware	Qualcomm	Apq8053	-	All	All	All
Operating System	Qualcomm	Apq8053 Firmware	-	All	All	All
Operating System	Qualcomm	Apq8053 Firmware	-	All	All	All
Hardware	Qualcomm	Ipq4019	-	All	All	All
Hardware	Qualcomm	Ipq4019	-	All	All	All
Operating System	Qualcomm	Ipq4019 Firmware	-	All	All	All
Operating System	Qualcomm	Ipq4019 Firmware	-	All	All	All
Hardware	Qualcomm	Ipq8064	-	All	All	All
Hardware	Qualcomm	Ipq8064	-	All	All	All
Operating System	Qualcomm	Ipq8064 Firmware	-	All	All	All
Operating System	Qualcomm	Ipq8064 Firmware	-	All	All	All
Hardware	Qualcomm	Msm8909w	-	All	All	All
Hardware	Qualcomm	Msm8909w	-	All	All	All
Operating System	Qualcomm	Msm8909w Firmware	-	All	All	All
Operating System	Qualcomm	Msm8909w Firmware	-	All	All	All
Hardware	Qualcomm	Msm8996au	-	All	All	All
Hardware	Qualcomm	Msm8996au	-	All	All	All
Operating System	Qualcomm	Msm8996au Firmware	-	All	All	All
Operating System	Qualcomm	Msm8996au Firmware	-	All	All	All
Hardware	Qualcomm	Qca9531	-	All	All	All
Hardware	Qualcomm	Qca9531	-	All	All	All
Operating System	Qualcomm	Qca9531 Firmware	-	All	All	All
Operating System	Qualcomm	Qca9531 Firmware	-	All	All	All
Hardware	Qualcomm	Qcn5502	-	All	All	All
Hardware	Qualcomm	Qcn5502	-	All	All	All
Operating System	Qualcomm	Qcn5502 Firmware	-	All	All	All
Operating System	Qualcomm	Qcn5502 Firmware	-	All	All	All
Hardware	Qualcomm	Qcs405	-	All	All	All
Hardware	Qualcomm	Qcs405	-	All	All	All
Operating System	Qualcomm	Qcs405 Firmware	-	All	All	All
Operating System	Qualcomm	Qcs405 Firmware	-	All	All	All
Hardware	Qualcomm	Sdx20	-	All	All	All
Hardware	Qualcomm	Sdx20	-	All	All	All
Operating System	Qualcomm	Sdx20 Firmware	-	All	All	All
Operating System	Qualcomm	Sdx20 Firmware	-	All	All	All
Hardware	Qualcomm	Sm6150	-	All	All	All
Hardware	Qualcomm	Sm6150	-	All	All	All
Operating System	Qualcomm	Sm6150 Firmware	-	All	All	All
Operating System	Qualcomm	Sm6150 Firmware	-	All	All	All
Hardware	Qualcomm	Sm7150	-	All	All	All
Hardware	Qualcomm	Sm7150	-	All	All	All
Operating System	Qualcomm	Sm7150 Firmware	-	All	All	All
Operating System	Qualcomm	Sm7150 Firmware	-	All	All	All

References

Reference	Source	Link	Tags
[SECURITY] [DLA 2785-1] linux-4.19 security update	MLIST	lists.debian.org
August 2020 Security Bulletin \| Qualcomm	CONFIRM	www.qualcomm.com	Vendor Advisory
Debian -- Security Information -- DSA-4978-1 linux	DEBIAN	www.debian.org
[SECURITY] [DLA 2843-1] linux security update	MLIST	lists.debian.org
Security Advisory 0058 - Arista	CONFIRM	www.arista.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

178809 Debian Security Update for linux (DSA 4978-1)
178844 Debian Security Update for linux-4.19 (DLA 2785-1)
178943 Debian Security Update for linux (DLA 2843-1)
198540 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5113-1)
198541 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5114-1)
198542 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5115-1)
198544 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5116-1)
198546 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5116-2)
353155 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-005
353242 Amazon Linux Security Advisory for kernel : ALAC2012-2022-036
353243 Amazon Linux Security Advisory for kmod-mlx5 : ALAC2012-2022-037
353244 Amazon Linux Security Advisory for kmod-sfc : ALAC2012-2022-038
356186 Amazon Linux Security Advisory for microvm-kernel : ALASMICROVM-KERNEL-4.14-2023-003
356218 Amazon Linux Security Advisory for microvm-kernel : ALASMICROVM-KERNEL-4.14-2023-002
751214 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3389-1)
751215 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3386-1)
751217 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3387-1)
751223 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3338-1)
751234 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1357-1)
751235 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3447-1)
751245 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1365-1)
751437 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3876-1)
751441 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3876-1)
751451 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3935-1)
751473 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3969-1)
751476 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3972-1)
751687 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (SUSE-SU-2022:0328-1)
751688 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (SUSE-SU-2022:0325-1)
751689 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (SUSE-SU-2022:0327-1)
753087 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 22 for SLE 15) (SUSE-SU-2022:0255-1)
753118 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (SUSE-SU-2022:0295-1)
753121 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 17 for SLE 15 SP2) (SUSE-SU-2022:0241-1)
753155 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15) (SUSE-SU-2022:0237-1)
753211 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 11 for SLE 15 SP2) (SUSE-SU-2022:0291-1)
753257 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15) (SUSE-SU-2022:0243-1)
753268 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 15 for SLE 15 SP2) (SUSE-SU-2022:0254-1)
753272 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 16 for SLE 12 SP5) (SUSE-SU-2022:0234-1)
753292 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2022:0293-1)
753369 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 13 for SLE 15 SP2) (SUSE-SU-2022:0292-1)
753385 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (SUSE-SU-2022:0257-1)
753393 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (SUSE-SU-2022:0246-1)
753408 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 15 for SLE 12 SP5) (SUSE-SU-2022:0263-1)