CVE-2019-10623
HIGHQualcomm QCN7605/QCS605/Rennell/SC8180X/SDA845/SDM710/SDX24/SDX55/SM7150/SM8150/SM8250/SXR2130 Firmware Integer Overflow
Title source: llmDescription
Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, Rennell, SC8180X, SDA845, SDM710, SDX24, SDX55, SM7150, SM8150, SM8250, SXR2130
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
Scores
CVSS v3
7.1
EPSS
0.0004
EPSS Percentile
13.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-190
Status
published
Products (12)
qualcomm/qcn7605_firmware
qualcomm/qcs605_firmware
qualcomm/rennell_firmware
qualcomm/sc8180x_firmware
qualcomm/sda845_firmware
qualcomm/sdm710_firmware
qualcomm/sdx24_firmware
qualcomm/sdx55_firmware
qualcomm/sm7150_firmware
qualcomm/sm8150_firmware
... and 2 more
Published
Apr 16, 2020
Tracked Since
Feb 18, 2026