CVE-2019-10620
Last modified
CVE-2019-10620 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150. EPSS estimates a 0.19% chance of exploitation in the next 30 days.
Description
Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8096au Firmware | All versions |
| Qualcomm | Apq8098 Firmware | All versions |
| Qualcomm | Msm8996au Firmware | All versions |
| Qualcomm | Qcn7605 Firmware | All versions |
| Qualcomm | Sdm439 Firmware | All versions |
| Qualcomm | Sdx24 Firmware | All versions |
| Qualcomm | Sm8150 Firmware | All versions |
References
- https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinPatch, Vendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-10620?
How severe is CVE-2019-10620?
How do I fix CVE-2019-10620?
Are you affected by CVE-2019-10620?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST