Vulnerability Details CVE-2019-10624
While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2019-10624
-
cpe:2.3:h:qualcomm:apq8096au:-
-
cpe:2.3:h:qualcomm:msm8996au:-
-
cpe:2.3:h:qualcomm:qca6574au:-
-
cpe:2.3:h:qualcomm:qcn7605:-
-
cpe:2.3:h:qualcomm:rennell:-
-
cpe:2.3:h:qualcomm:sc8180x:-
-
cpe:2.3:h:qualcomm:sdm710:-
-
cpe:2.3:h:qualcomm:sdx55:-
-
cpe:2.3:h:qualcomm:sm7150:-
-
cpe:2.3:h:qualcomm:sm8150:-
-
cpe:2.3:h:qualcomm:sm8250:-
-
cpe:2.3:h:qualcomm:sxr2130:-
-
cpe:2.3:o:qualcomm:apq8096au_firmware:-
-
cpe:2.3:o:qualcomm:msm8996au_firmware:-
-
cpe:2.3:o:qualcomm:qca6574au_firmware:-
-
cpe:2.3:o:qualcomm:qcn7605_firmware:-
-
cpe:2.3:o:qualcomm:rennell_firmware:-
-
cpe:2.3:o:qualcomm:sc8180x_firmware:-
-
cpe:2.3:o:qualcomm:sdm710_firmware:-
-
cpe:2.3:o:qualcomm:sdx55_firmware:-
-
cpe:2.3:o:qualcomm:sm7150_firmware:-
-
cpe:2.3:o:qualcomm:sm8150_firmware:-
-
cpe:2.3:o:qualcomm:sm8250_firmware:-
-
cpe:2.3:o:qualcomm:sxr2130_firmware:-