CVE-2019-10495
HIGHQualcomm Snapdragon Firmware - Out-of-bounds Write in HEVC/AVC Encoding Sequence Header Processing
Title source: llmDescription
Arbitrary buffer write issue while processing sequence header during HEVC or AVC encoding. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://source.android.com/security/bulletin/
Scores
CVSS v3
7.3
EPSS
0.0004
EPSS Percentile
13.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (36)
qualcomm/msm8909w_firmware
qualcomm/msm8996au_firmware
qualcomm/qcs605_firmware
qualcomm/qualcomm_215_firmware
qualcomm/sd_205_firmware
qualcomm/sd_210_firmware
qualcomm/sd_212_firmware
qualcomm/sd_425_firmware
qualcomm/sd_427_firmware
qualcomm/sd_429_firmware
... and 26 more
Published
Nov 06, 2019
Tracked Since
Feb 18, 2026