CVE-2019-10624
EUVD-2019-242816.04.2020, 11:15
While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| qualcomm | apq8096au_firmware | - |
| qualcomm | msm8996au_firmware | - |
| qualcomm | qca6574au_firmware | - |
| qualcomm | qcn7605_firmware | - |
| qualcomm | rennell_firmware | - |
| qualcomm | sc8180x_firmware | - |
| qualcomm | sdm710_firmware | - |
| qualcomm | sdx55_firmware | - |
| qualcomm | sm7150_firmware | - |
| qualcomm | sm8150_firmware | - |
| qualcomm | sm8250_firmware | - |
| qualcomm | sxr2130_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration