← Volver a CVEs
CVE-2019-10598
HIGH7.8
Descripcion
Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado12/18/2019
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
qualcomm:apq8053qualcomm:apq8053_firmwarequalcomm:apq8096auqualcomm:apq8096au_firmwarequalcomm:mdm9607qualcomm:mdm9607_firmwarequalcomm:msm8996auqualcomm:msm8996au_firmwarequalcomm:qca6574auqualcomm:qca6574au_firmwarequalcomm:qcn7605qualcomm:qcn7605_firmwarequalcomm:qcs605qualcomm:qcs605_firmwarequalcomm:sda660qualcomm:sda660_firmwarequalcomm:sda845qualcomm:sda845_firmwarequalcomm:sdm630qualcomm:sdm630_firmwarequalcomm:sdm636qualcomm:sdm636_firmwarequalcomm:sdm660qualcomm:sdm660_firmwarequalcomm:sdm845qualcomm:sdm845_firmwarequalcomm:sdx20qualcomm:sdx20_firmwarequalcomm:sdx24qualcomm:sdx24_firmwarequalcomm:sdx55qualcomm:sdx55_firmwarequalcomm:sm6150qualcomm:sm6150_firmwarequalcomm:sm7150qualcomm:sm7150_firmwarequalcomm:sm8150qualcomm:sm8150_firmwarequalcomm:sxr1130qualcomm:sxr1130_firmware
Debilidades (CWE)
CWE-120
Referencias
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.