Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
References
Link | Resource |
---|---|
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: qualcomm
Published: 2019-12-18T05:25:44
Updated: 2019-12-18T05:25:44
Reserved: 2019-03-29T00:00:00
Link: CVE-2019-10537
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-18T06:15:11.940
Modified: 2019-12-23T17:19:22.817
Link: CVE-2019-10537
JSON object: View
Redhat Information
No data.
CWE