CVE-2019-10520
MEDIUMQualcomm Snapdragon Mobile, Voice & Music - Denial of Service via GPU Memory Exhaustion
Title source: llmDescription
An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855
References (1)
Core 1
Core References
Patch, Third Party Advisory x_refsource_confirm
https://source.android.com/security/bulletin/pixel/2019-11-01
Scores
CVSS v3
5.5
EPSS
0.0017
EPSS Percentile
6.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-772
Status
published
Products (13)
qualcomm/qcs405_firmware
qualcomm/sd_205_firmware
qualcomm/sd_210_firmware
qualcomm/sd_212_firmware
qualcomm/sd_665_firmware
qualcomm/sd_670_firmware
qualcomm/sd_675_firmware
qualcomm/sd_710_firmware
qualcomm/sd_712_firmware
qualcomm/sd_730_firmware
... and 3 more
Published
Dec 12, 2019
Tracked Since
Feb 18, 2026