CVE-2019-10623
Severity CVSS v4.0:
Pending analysis
Type:
CWE-190
Integer Overflow or Wraparound
Publication date:
16/04/2020
Last modified:
24/08/2020
Description
Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, Rennell, SC8180X, SDA845, SDM710, SDX24, SDX55, SM7150, SM8150, SM8250, SXR2130
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH
Base Score 2.0
3.60
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:rennell_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:rennell:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sc8180x_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sc8180x:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page