← Back

CVE-2019-10616

nvd nist
Published: Mar 5, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

Possibility of null pointer access if the SPDM commands are executed in the non-standard way in TZ. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8998, SA6155P, SDX24

Affected (12)

Qualcomm
12 products
Apq8009 Firmware
Apq8016 Firmware
Mdm9150 Firmware
Mdm9607 Firmware
Mdm9650 Firmware
Msm8905 Firmware
Msm8909 Firmware
Msm8909w Firmware
Msm8998 Firmware
Sa6155p Firmware
Sdx24 Firmware
Mdm9206 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8009 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8009
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8016 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8016
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9150
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9607 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9607
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9650 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9650
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8905 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8905
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8909 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8909
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8909w Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8909w
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8998 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8998
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sa6155p Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sa6155p
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx24 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx24
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9206 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9206
All versions

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (2)

Source: product-security@qualcomm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.