CVE-2019-10567

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions APQ8009 through SDM845 Qualcomm Snapdragon Compute versions APQ8009 through SDM845 Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDM845 Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDM845 Qualcomm Snapdragon Mobile versions APQ8009 through SDM845 Qualcomm Snapdragon Voice & Music versions APQ8009 through SDM845 Qualcomm Snapdragon Wearables versions APQ8009 through SDM845

Description The issue is related to deceiving the GPU kernel driver into thinking there is room in the GPU ringbuffer, allowing unintended GPU opcodes to be executed. This is also associated with array indexing errors in the Qualcomm Linux operating system software. Exploitation of the issue could allow an attacker to execute arbitrary code.

Recommendations For Qualcomm Snapdragon Auto versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue. For Qualcomm Snapdragon Compute versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue. For Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue. For Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue. For Qualcomm Snapdragon Mobile versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue. For Qualcomm Snapdragon Voice & Music versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue. For Qualcomm Snapdragon Wearables versions APQ8009 through SDM845, update to a version that includes the fix for the GPU kernel driver issue.