CVE-2019-10535

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description The issue is related to improper validation for a loop variable received from firmware, which can lead to out-of-bounds access in the WLAN function. This occurs while iterating through a loop in various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music. The affected chipsets include APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, and SDX20.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.