CVE-2019-10606

Summary

Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, QCS605, SDX24

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon WearablesMDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, QCS605, SDX24affected

Weaknesses

  • Buffer Copy Without Checking Size of Input in USB

ADP Enrichment

CVE Program Container

Additional References

References