CVE-2019-10482

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Description The issue arises from the use of non-time-constant comparison functions, which can lead to timing side channels. This can potentially be used as a side channel for SUI corruption in various Qualcomm Snapdragon products.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.