CVE-2019-10597 - OpenCVE

kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar, QCS605, Rennell, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Qualcomm	Sxr2130 Sxr2130 Firmware Msm8996au Saipan Firmware Sm8150 Firmware Ipq8074 Nicobar Firmware Rennell Firmware Nicobar Qcs605 Firmware Ipq8074 Firmware Sm6150 Firmware Sm7150 Firmware Sm8150 Saipan Sdm845 Ipq6018 Sc7180 Sdm670 Sdm670 Firmware Sm8250 Ipq6018 Firmware Msm8996 Sc8180x Firmware Qcs605 Sm8250 Firmware Msm8996 Firmware Sdm710 Sc8180x Sc7180 Firmware Sdm850 Firmware Sm6150 Msm8996au Firmware Sxr1130 Firmware Rennell Sdm850 Sm7150 Sxr1130 Sdm845 Firmware Sdm710 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:msm8996_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:nicobar:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:rennell_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:rennell:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:saipan_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:saipan:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:sc7180_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sc7180:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:sc8180x_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sc8180x:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:sdm850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm850:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2020-06-22T07:10:33

Updated: 2020-06-22T07:10:33

Reserved: 2019-03-29T00:00:00

Link: CVE-2019-10597

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-22T07:15:10.443

Modified: 2021-07-21T11:39:23.747

Link: CVE-2019-10597

JSON object: View

Redhat Information

No data.

CWE

CWE-787