7.8
CVE-2019-10597
- EPSS 0.04%
- Veröffentlicht 22.06.2020 07:15:10
- Zuletzt bearbeitet 21.11.2024 04:19:32
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar, QCS605, Rennell, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Ipq6018 Firmware Version-
Qualcomm ≫ Ipq8074 Firmware Version-
Qualcomm ≫ Msm8996 Firmware Version-
Qualcomm ≫ Msm8996au Firmware Version-
Qualcomm ≫ Nicobar Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Rennell Firmware Version-
Qualcomm ≫ Saipan Firmware Version-
Qualcomm ≫ Sc7180 Firmware Version-
Qualcomm ≫ Sc8180x Firmware Version-
Qualcomm ≫ Sdm670 Firmware Version-
Qualcomm ≫ Sdm710 Firmware Version-
Qualcomm ≫ Sdm845 Firmware Version-
Qualcomm ≫ Sdm850 Firmware Version-
Qualcomm ≫ Sm6150 Firmware Version-
Qualcomm ≫ Sm7150 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Qualcomm ≫ Sm8250 Firmware Version-
Qualcomm ≫ Sxr1130 Firmware Version-
Qualcomm ≫ Sxr2130 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.067 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.