CVE-2019-10593

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions APQ8009 through SDX55 Qualcomm Snapdragon Compute versions APQ8009 through SDX55 Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDX55 Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDX55 Qualcomm Snapdragon IoT versions APQ8009 through SDX55 Qualcomm Snapdragon Mobile versions APQ8009 through SDX55 Qualcomm Snapdragon Voice & Music versions APQ8009 through SDX55 Qualcomm Snapdragon Wearables versions APQ8009 through SDX55

Description A buffer overflow issue can occur when processing non-standard SDP video Image attribute parameters in a VILTE/VOLTE call. This issue affects various Qualcomm Snapdragon products, including Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables, with specific affected chipsets.

Recommendations For Qualcomm Snapdragon Auto, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon Compute, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon Consumer IOT, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon Industrial IOT, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon IoT, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon Mobile, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon Voice & Music, update the firmware to a version that includes the fix for the buffer overflow issue. For Qualcomm Snapdragon Wearables, update the firmware to a version that includes the fix for the buffer overflow issue. As a temporary workaround, consider disabling the non-standard SDP video Image attribute parameter processing in VILTE/VOLTE calls until a patch is available.