7.8

CVE-2019-10607

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996, MSM8996AU, QCA4531, QCA8081, QCA9531, QCA9558, QCA9886, QCA9980, QCN7605, QCS605, SDA660, SDX20, SDX24, SDX55, SM8150, SXR1130

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommApq8009 Firmware Version-
   QualcommApq8009 Version-
QualcommApq8017 Firmware Version-
   QualcommApq8017 Version-
QualcommApq8053 Firmware Version-
   QualcommApq8053 Version-
QualcommApq8064 Firmware Version-
   QualcommApq8064 Version-
QualcommApq8096au Firmware Version-
   QualcommApq8096au Version-
QualcommApq8098 Firmware Version-
   QualcommApq8098 Version-
QualcommIpq4019 Firmware Version-
   QualcommIpq4019 Version-
QualcommIpq8064 Firmware Version-
   QualcommIpq8064 Version-
QualcommIpq8074 Firmware Version-
   QualcommIpq8074 Version-
QualcommMdm9206 Firmware Version-
   QualcommMdm9206 Version-
QualcommMdm9207c Firmware Version-
   QualcommMdm9207c Version-
QualcommMdm9607 Firmware Version-
   QualcommMdm9607 Version-
QualcommMdm9615 Firmware Version-
   QualcommMdm9615 Version-
QualcommMdm9640 Firmware Version-
   QualcommMdm9640 Version-
QualcommMdm9650 Firmware Version-
   QualcommMdm9650 Version-
QualcommMsm8905 Firmware Version-
   QualcommMsm8905 Version-
QualcommMsm8909 Firmware Version-
   QualcommMsm8909 Version-
QualcommMsm8909w Firmware Version-
   QualcommMsm8909w Version-
QualcommMsm8917 Firmware Version-
   QualcommMsm8917 Version-
QualcommMsm8920 Firmware Version-
   QualcommMsm8920 Version-
QualcommMsm8937 Firmware Version-
   QualcommMsm8937 Version-
QualcommMsm8939 Firmware Version-
   QualcommMsm8939 Version-
QualcommMsm8940 Firmware Version-
   QualcommMsm8940 Version-
QualcommMsm8996 Firmware Version-
   QualcommMsm8996 Version-
QualcommMsm8996au Firmware Version-
   QualcommMsm8996au Version-
QualcommQca4531 Firmware Version-
   QualcommQca4531 Version-
QualcommQca8081 Firmware Version-
   QualcommQca8081 Version-
QualcommQca9531 Firmware Version-
   QualcommQca9531 Version-
QualcommQca9558 Firmware Version-
   QualcommQca9558 Version-
QualcommQca9886 Firmware Version-
   QualcommQca9886 Version-
QualcommQca9980 Firmware Version-
   QualcommQca9980 Version-
QualcommQcn7605 Firmware Version-
   QualcommQcn7605 Version-
QualcommQcs605 Firmware Version-
   QualcommQcs605 Version-
QualcommSda660 Firmware Version-
   QualcommSda660 Version-
QualcommSdx20 Firmware Version-
   QualcommSdx20 Version-
QualcommSdx24 Firmware Version-
   QualcommSdx24 Version-
QualcommSdx55 Firmware Version-
   QualcommSdx55 Version-
QualcommSm8150 Firmware Version-
   QualcommSm8150 Version-
QualcommSxr1130 Firmware Version-
   QualcommSxr1130 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.09% 0.238
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.