PT-2020-9117 · Qualcomm · Sdm710+20
Published
2020-04-16
·
Updated
2020-04-21
·
CVE-2019-10625
CVSS v2.0
3.6
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Snapdragon Auto versions prior to the fixed version
Snapdragon Compute versions prior to the fixed version
Snapdragon Consumer IOT versions prior to the fixed version
Snapdragon Industrial IOT versions prior to the fixed version
Snapdragon Mobile versions prior to the fixed version
Snapdragon Wearables versions prior to the fixed version
APQ8009 version not specified
APQ8096AU version not specified
MDM9206 version not specified
MDM9207C version not specified
MDM9607 version not specified
MDM9640 version not specified
MDM9650 version not specified
QCS605 version not specified
Rennell version not specified
SC8180X version not specified
SDM429W version not specified
SDM710 version not specified
SDX55 version not specified
SM7150 version not specified
SM8150 version not specified
Description
The issue is related to out of bound access in diag services when DCI command buffer reallocation is not done properly with required capacity. This affects various Snapdragon products, including Auto, Compute, Consumer IOT, Industrial IOT, Mobile, and Wearables, across multiple chipsets.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apq8009
Apq8096Au
Mdm9206
Mdm9207C
Mdm9607
Mdm9640
Mdm9650
Qcs605
Rennell
Sc8180X
Sdm429
Sdm710
Sdx55
Sm7150
Sm8150
Snapdragon Auto
Snapdragon Compute
Snapdragon Consumer Iot
Snapdragon Industrial Iot
Snapdragon Mobile
Snapdragon Wearables