← Back

CVE-2019-10622

nvd nist
Published: Apr 16, 2020Modified: Nov 21, 2024

JSON object

Loading...
9.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Exploitability: 3.9 / Impact: 5.2
Source: NVD

Description

Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCN7605, QCS605, SC8180X, SDM710, SDX24, SDX55, SM8150, SM8250, SXR2130

Affected (20)

Qualcomm
20 products
Apq8009 Firmware
Apq8096au Firmware
Ipq4019 Firmware
Ipq6018 Firmware
Ipq8064 Firmware
Ipq8074 Firmware
Mdm9206 Firmware
Mdm9207c Firmware
Mdm9607 Firmware
Mdm9640 Firmware
Mdm9650 Firmware
Qcn7605 Firmware
Qcs605 Firmware
Sc8180x Firmware
Sdm710 Firmware
Sdx24 Firmware
Sdx55 Firmware
Sm8150 Firmware
Sm8250 Firmware
Sxr2130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8009 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8009
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8096au Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8096au
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq4019 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq4019
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq6018 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq6018
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8064 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8064
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8074 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8074
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9206 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9206
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9207c Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9207c
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9607 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9607
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9640 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9640
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9650 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9650
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcn7605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcn7605
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs605
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sc8180x Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sc8180x
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm710 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm710
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx24 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx24
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx55 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx55
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8250 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8250
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr2130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr2130
All versions

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (2)

Source: product-security@qualcomm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.