CVE-2019-10496

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions prior to the fixed version Qualcomm Snapdragon Compute versions prior to the fixed version Qualcomm Snapdragon Connectivity versions prior to the fixed version Qualcomm Snapdragon Consumer IOT versions prior to the fixed version Qualcomm Snapdragon Industrial IOT versions prior to the fixed version Qualcomm Snapdragon Mobile versions prior to the fixed version Qualcomm Snapdragon Voice & Music versions prior to the fixed version Qualcomm Snapdragon Wearables versions prior to the fixed version Qualcomm MSM8909W version prior to the fixed version Qualcomm MSM8996AU version prior to the fixed version Qualcomm QCS605 version prior to the fixed version Qualcomm 215 version prior to the fixed version Qualcomm SD 210/SD 212/SD 205 version prior to the fixed version Qualcomm SD 425 version prior to the fixed version Qualcomm SD 427 version prior to the fixed version Qualcomm SD 430 version prior to the fixed version Qualcomm SD 435 version prior to the fixed version Qualcomm SD 439 / SD 429 version prior to the fixed version Qualcomm SD 450 version prior to the fixed version Qualcomm SD 625 version prior to the fixed version Qualcomm SD 632 version prior to the fixed version Qualcomm SD 636 version prior to the fixed version Qualcomm SD 665 version prior to the fixed version Qualcomm SD 675 version prior to the fixed version Qualcomm SD 712 / SD 710 / SD 670 version prior to the fixed version Qualcomm SD 730 version prior to the fixed version Qualcomm SD 820 version prior to the fixed version Qualcomm SD 820A version prior to the fixed version Qualcomm SD 835 version prior to the fixed version Qualcomm SD 845 / SD 850 version prior to the fixed version Qualcomm SD 855 version prior to the fixed version Qualcomm SD 8CX version prior to the fixed version Qualcomm SDA660 version prior to the fixed version Qualcomm SDM439 version prior to the fixed version Qualcomm SDM630 version prior to the fixed version Qualcomm SDM660 version prior to the fixed version Qualcomm Snapdragon High Med 2016 version prior to the fixed version Qualcomm SXR1130 version prior to the fixed version

Description A lack of checking a variable received from a driver and populating it in the Firmware data structure leads to a buffer overflow. This issue affects various Qualcomm Snapdragon products, including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, and Wearables, as well as specific chipsets such as MSM8909W, MSM8996AU, QCS605, Qualcomm 215, and several SD series chipsets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.