CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-10542

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1410%
EPSS Percentile13.12th
Published2019年11月6日
Last Modified2024年11月21日

Vulnerability Description

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SDX20

Affected Platforms (CPE)

💻
Qualcomm

Mdm9150 Firmware

All versions
💻
Qualcomm

Mdm9206 Firmware

All versions
💻
Qualcomm

Mdm9607 Firmware

All versions
💻
Qualcomm

Mdm9615 Firmware

All versions
💻
Qualcomm

Mdm9640 Firmware

All versions
💻
Qualcomm

Mdm9650 Firmware

All versions
💻
Qualcomm

Msm8996au Firmware

All versions
💻
Qualcomm

Qca6174a Firmware

All versions
💻
Qualcomm

Qca6574au Firmware

All versions
💻
Qualcomm

Qca9377 Firmware

All versions
💻
Qualcomm

Qca9379 Firmware

All versions
💻
Qualcomm

Sd 210 Firmware

All versions
💻
Qualcomm

Sd 212 Firmware

All versions
💻
Qualcomm

Sd 205 Firmware

All versions
💻
Qualcomm

Sd 425 Firmware

All versions
💻
Qualcomm

Sd 427 Firmware

All versions
💻
Qualcomm

Sd 430 Firmware

All versions
💻
Qualcomm

Sd 435 Firmware

All versions
💻
Qualcomm

Sd 450 Firmware

All versions
💻
Qualcomm

Sd 600 Firmware

All versions
💻
Qualcomm

Sd 625 Firmware

All versions
💻
Qualcomm

Sd 712 Firmware

All versions
💻
Qualcomm

Sd 710 Firmware

All versions
💻
Qualcomm

Sd 670 Firmware

All versions
💻
Qualcomm

Sd 820 Firmware

All versions
💻
Qualcomm

Sd 820a Firmware

All versions
💻
Qualcomm

Sd 845 Firmware

All versions
💻
Qualcomm

Sd 850 Firmware

All versions
💻
Qualcomm

Sdx20 Firmware

All versions

References & Advisories

🔗 https://source.android.com/security/bulletin/
🔗 https://source.android.com/security/bulletin/

相关漏洞威胁

CVE-2019-23099.8

While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real dat...

CVE-2019-22879.8

Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto,...

CVE-2018-119277.8

Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find ev...

CVE-2020-36307.8

Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snap...