CVE-2019-10629

EPSS 0.09%
Veröffentlicht 08.09.2020 10:15:12
Zuletzt bearbeitet 21.11.2024 04:19:37
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Bitra Firmware Version-

Qualcomm ≫ Bitra Version-

Qualcomm ≫ Ipq6018 Firmware Version-

Qualcomm ≫ Ipq6018 Version-

Qualcomm ≫ Ipq8074 Firmware Version-

Qualcomm ≫ Ipq8074 Version-

Qualcomm ≫ Mdm9205 Firmware Version-

Qualcomm ≫ Mdm9205 Version-

Qualcomm ≫ Nicobar Firmware Version-

Qualcomm ≫ Nicobar Version-

Qualcomm ≫ Qca8081 Firmware Version-

Qualcomm ≫ Qca8081 Version-

Qualcomm ≫ Qcn7605 Firmware Version-

Qualcomm ≫ Qcn7605 Version-

Qualcomm ≫ Qcs404 Firmware Version-

Qualcomm ≫ Qcs404 Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qcs605 Firmware Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Qcs610 Firmware Version-

Qualcomm ≫ Qcs610 Version-

Qualcomm ≫ Rennell Firmware Version-

Qualcomm ≫ Rennell Version-

Qualcomm ≫ Sa415m Firmware Version-

Qualcomm ≫ Sa415m Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Saipan Firmware Version-

Qualcomm ≫ Saipan Version-

Qualcomm ≫ Sc7180 Firmware Version-

Qualcomm ≫ Sc7180 Version-

Qualcomm ≫ Sc8180x Firmware Version-

Qualcomm ≫ Sc8180x Version-

Qualcomm ≫ Sda845 Firmware Version-

Qualcomm ≫ Sda845 Version-

Qualcomm ≫ Sdm670 Firmware Version-

Qualcomm ≫ Sdm670 Version-

Qualcomm ≫ Sdm710 Firmware Version-

Qualcomm ≫ Sdm710 Version-

Qualcomm ≫ Sdm845 Firmware Version-

Qualcomm ≫ Sdm845 Version-

Qualcomm ≫ Sdm850 Firmware Version-

Qualcomm ≫ Sdm850 Version-

Qualcomm ≫ Sdx20 Firmware Version-

Qualcomm ≫ Sdx20 Version-

Qualcomm ≫ Sdx24 Firmware Version-

Qualcomm ≫ Sdx24 Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sm6150 Firmware Version-

Qualcomm ≫ Sm6150 Version-

Qualcomm ≫ Sm7150 Firmware Version-

Qualcomm ≫ Sm7150 Version-

Qualcomm ≫ Sm8150 Firmware Version-

Qualcomm ≫ Sm8150 Version-

Qualcomm ≫ Sm8250 Firmware Version-

Qualcomm ≫ Sm8250 Version-

Qualcomm ≫ Sxr1130 Firmware Version-

Qualcomm ≫ Sxr1130 Version-

Qualcomm ≫ Sxr2130 Firmware Version-

Qualcomm ≫ Sxr2130 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.238

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-10629

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-10629

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-10629

EUVD