← Back

CVE-2019-10605

nvd nist
Published: Dec 18, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24

Affected (14)

Qualcomm
14 products
Apq8009 Firmware
Apq8053 Firmware
Ipq8074 Firmware
Mdm9607 Firmware
Mdm9650 Firmware
Msm8909 Firmware
Msm8939 Firmware
Qcn7605 Firmware
Sda660 Firmware
Sdm630 Firmware
Sdm636 Firmware
Sdm660 Firmware
Sdx20 Firmware
Sdx24 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8009 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8009
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8053 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8053
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8074 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8074
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9607 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9607
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9650 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9650
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8909 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8909
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8939 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8939
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcn7605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcn7605
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sda660 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sda660
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm630 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm630
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm636 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm636
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm660 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm660
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx20 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx20
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx24 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx24
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: product-security@qualcomm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.