CVE-2019-10597
HIGHQualcomm Snapdragon Firmware - Out-of-bounds Write via Unchecked User Address
Title source: llmDescription
kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar, QCS605, Rennell, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
References (1)
Core 1
Core References
Broken Link x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
10.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (20)
qualcomm/ipq6018_firmware
qualcomm/ipq8074_firmware
qualcomm/msm8996_firmware
qualcomm/msm8996au_firmware
qualcomm/nicobar_firmware
qualcomm/qcs605_firmware
qualcomm/rennell_firmware
qualcomm/saipan_firmware
qualcomm/sc7180_firmware
qualcomm/sc8180x_firmware
... and 10 more
Published
Jun 22, 2020
Tracked Since
Feb 18, 2026