CVE-2019-10538
Summary
| CVE | CVE-2019-10538 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-09-30 16:15:00 UTC |
| Updated | 2019-10-02 16:10:00 UTC |
| Description | Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24 |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Qualcomm | Msm8909w | - | All | All | All |
| Hardware | Qualcomm | Msm8909w | - | All | All | All |
| Operating System | Qualcomm | Msm8909w Firmware | - | All | All | All |
| Operating System | Qualcomm | Msm8909w Firmware | - | All | All | All |
| Hardware | Qualcomm | Msm8996au | - | All | All | All |
| Hardware | Qualcomm | Msm8996au | - | All | All | All |
| Operating System | Qualcomm | Msm8996au Firmware | - | All | All | All |
| Operating System | Qualcomm | Msm8996au Firmware | - | All | All | All |
| Hardware | Qualcomm | Qcs405 | - | All | All | All |
| Hardware | Qualcomm | Qcs405 | - | All | All | All |
| Operating System | Qualcomm | Qcs405 Firmware | - | All | All | All |
| Operating System | Qualcomm | Qcs405 Firmware | - | All | All | All |
| Hardware | Qualcomm | Qcs605 | - | All | All | All |
| Hardware | Qualcomm | Qcs605 | - | All | All | All |
| Operating System | Qualcomm | Qcs605 Firmware | - | All | All | All |
| Operating System | Qualcomm | Qcs605 Firmware | - | All | All | All |
| Hardware | Qualcomm | Qualcomm 215 | - | All | All | All |
| Hardware | Qualcomm | Qualcomm 215 | - | All | All | All |
| Operating System | Qualcomm | Qualcomm 215 Firmware | - | All | All | All |
| Operating System | Qualcomm | Qualcomm 215 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sda660 | - | All | All | All |
| Hardware | Qualcomm | Sda660 | - | All | All | All |
| Operating System | Qualcomm | Sda660 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sda660 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sdm439 | - | All | All | All |
| Hardware | Qualcomm | Sdm439 | - | All | All | All |
| Operating System | Qualcomm | Sdm439 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sdm439 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sdm660 | - | All | All | All |
| Hardware | Qualcomm | Sdm660 | - | All | All | All |
| Operating System | Qualcomm | Sdm660 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sdm660 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sdx20 | - | All | All | All |
| Hardware | Qualcomm | Sdx20 | - | All | All | All |
| Operating System | Qualcomm | Sdx20 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sdx20 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sdx24 | - | All | All | All |
| Hardware | Qualcomm | Sdx24 | - | All | All | All |
| Operating System | Qualcomm | Sdx24 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sdx24 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 425 | - | All | All | All |
| Hardware | Qualcomm | Sd 425 | - | All | All | All |
| Operating System | Qualcomm | Sd 425 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 425 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 429 | - | All | All | All |
| Hardware | Qualcomm | Sd 429 | - | All | All | All |
| Operating System | Qualcomm | Sd 429 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 429 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 439 | - | All | All | All |
| Hardware | Qualcomm | Sd 439 | - | All | All | All |
| Operating System | Qualcomm | Sd 439 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 439 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 450 | - | All | All | All |
| Hardware | Qualcomm | Sd 450 | - | All | All | All |
| Operating System | Qualcomm | Sd 450 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 450 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 625 | - | All | All | All |
| Hardware | Qualcomm | Sd 625 | - | All | All | All |
| Operating System | Qualcomm | Sd 625 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 625 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 632 | - | All | All | All |
| Hardware | Qualcomm | Sd 632 | - | All | All | All |
| Operating System | Qualcomm | Sd 632 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 632 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 636 | - | All | All | All |
| Hardware | Qualcomm | Sd 636 | - | All | All | All |
| Operating System | Qualcomm | Sd 636 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 636 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 665 | - | All | All | All |
| Hardware | Qualcomm | Sd 665 | - | All | All | All |
| Operating System | Qualcomm | Sd 665 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 665 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 670 | - | All | All | All |
| Hardware | Qualcomm | Sd 670 | - | All | All | All |
| Operating System | Qualcomm | Sd 670 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 670 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 675 | - | All | All | All |
| Hardware | Qualcomm | Sd 675 | - | All | All | All |
| Operating System | Qualcomm | Sd 675 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 675 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 710 | - | All | All | All |
| Hardware | Qualcomm | Sd 710 | - | All | All | All |
| Operating System | Qualcomm | Sd 710 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 710 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 712 | - | All | All | All |
| Hardware | Qualcomm | Sd 712 | - | All | All | All |
| Operating System | Qualcomm | Sd 712 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 712 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 730 | - | All | All | All |
| Hardware | Qualcomm | Sd 730 | - | All | All | All |
| Operating System | Qualcomm | Sd 730 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 730 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 820a | - | All | All | All |
| Hardware | Qualcomm | Sd 820a | - | All | All | All |
| Operating System | Qualcomm | Sd 820a Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 820a Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 845 | - | All | All | All |
| Hardware | Qualcomm | Sd 845 | - | All | All | All |
| Operating System | Qualcomm | Sd 845 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 845 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 850 | - | All | All | All |
| Hardware | Qualcomm | Sd 850 | - | All | All | All |
| Operating System | Qualcomm | Sd 850 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 850 Firmware | - | All | All | All |
| Hardware | Qualcomm | Sd 855 | - | All | All | All |
| Hardware | Qualcomm | Sd 855 | - | All | All | All |
| Operating System | Qualcomm | Sd 855 Firmware | - | All | All | All |
| Operating System | Qualcomm | Sd 855 Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| August 2019 Code Aurora Security Bulletin - Code Aurora | CONFIRM | www.codeaurora.org | Patch, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.