CVE-2019-10516

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions APQ8009 through SDX55 Qualcomm Snapdragon Compute versions APQ8009 through SDX55 Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDX55 Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDX55 Qualcomm Snapdragon IoT versions APQ8009 through SDX55 Qualcomm Snapdragon Mobile versions APQ8009 through SDX55 Qualcomm Snapdragon Voice & Music versions APQ8009 through SDX55 Qualcomm Snapdragon Wearables versions APQ8009 through SDX55

Description The issue involves multiple read overflows in the MM while decoding certain messages, including service accept, service reject, attach reject, and MT detach. This affects various Qualcomm Snapdragon products, including Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables. The estimated number of potentially affected devices is not specified.

Recommendations For Qualcomm Snapdragon Auto versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon Compute versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon IoT versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon Mobile versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon Voice & Music versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows. For Qualcomm Snapdragon Wearables versions APQ8009 through SDX55, update to a version that includes the fix for the read overflows.