CVE-2019-10506

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description The issue arises when processing the QCA NL80211 VENDOR SUBCMD AVOID FREQUENCY vendor command, where the driver fails to validate data from user space, potentially leading to undesired behavior. This affects various Snapdragon products, including Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, and Mobile, in a range of chipsets such as MDM9206, MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712, SD 730, SD 820, SD 820A, SD 835, SD 845, SD 850, SD 855, SDM630, and SDM660.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.