5.5
CVE-2019-10520
- EPSS 0.04%
- Veröffentlicht 12.12.2019 09:15:11
- Zuletzt bearbeitet 21.11.2024 04:19:20
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Qcs405 Firmware Version-
Qualcomm ≫ Sd 210 Firmware Version-
Qualcomm ≫ Sd 212 Firmware Version-
Qualcomm ≫ Sd 205 Firmware Version-
Qualcomm ≫ Sd 665 Firmware Version-
Qualcomm ≫ Sd 675 Firmware Version-
Qualcomm ≫ Sd 712 Firmware Version-
Qualcomm ≫ Sd 710 Firmware Version-
Qualcomm ≫ Sd 670 Firmware Version-
Qualcomm ≫ Sd 730 Firmware Version-
Qualcomm ≫ Sd 845 Firmware Version-
Qualcomm ≫ Sd 850 Firmware Version-
Qualcomm ≫ Sd 855 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.096 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-772 Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.