CVE-2019-10555 - OpenCVE

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Qualcomm	Msm8920 Msm8996au Mdm9206 Apq8098 Mdm9207c Sdx20 Msm8909w Firmware Sdm429 Msm8909 Msm8937 Firmware Sdx20 Firmware Sdm660 Apq8017 Firmware Sdm670 Msm8909 Firmware Mdm9650 Msm8953 Firmware Sdm710 Firmware Qcn7605 Mdm9206 Firmware Sdm630 Firmware Msm8998 Firmware Qcs405 Sda660 Msm8917 Firmware Apq8096au Nicobar Firmware Sdm660 Firmware Sda845 Firmware Nicobar Sm7150 Firmware Apq8096au Firmware Sm6150 Firmware Sdx24 Sdm845 Mdm9607 Msm8920 Firmware Apq8098 Firmware Sdm670 Firmware Apq8053 Apq8053 Firmware Qcs605 Sdm636 Firmware Sdm636 Sdm450 Firmware Qcs405 Firmware Sda845 Sm6150 Mdm9607 Firmware Sda660 Firmware Sdm632 Sm8150 Firmware Sdm632 Firmware Qm215 Firmware Qcs605 Firmware Sm8150 Msm8940 Firmware Msm8998 Msm8909w Sdm450 Sdm710 Mdm9640 Msm8953 Qm215 Mdm9640 Firmware Sdm439 Firmware Sdm630 Mdm9207c Firmware Qcn7605 Firmware Sdm439 Msm8917 Msm8937 Sdm429 Firmware Msm8940 Apq8017 Msm8996au Firmware Sm7150 Sdx24 Firmware Mdm9650 Firmware Sdm845 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:msm8909_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:msm8920_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8920:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:msm8940_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8940:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:msm8998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8998:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:nicobar:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:qualcomm:sdm450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm450:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2019-12-12T08:30:40

Updated: 2019-12-12T08:30:40

Reserved: 2019-03-29T00:00:00

Link: CVE-2019-10555

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-12-12T09:15:12.127

Modified: 2019-12-13T15:51:07.403

Link: CVE-2019-10555

JSON object: View

Redhat Information

No data.

CWE

CWE-120