TROYANOSYVIRUS
Back to CVEs

CVE-2019-10541

CRITICAL
9.8

Description

Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

CVE Details

CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published11/6/2019
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0

Affected Products

qualcomm:mdm9206qualcomm:mdm9206_firmwarequalcomm:mdm9607qualcomm:mdm9607_firmwarequalcomm:msm8909wqualcomm:msm8909w_firmwarequalcomm:msm8996auqualcomm:msm8996au_firmwarequalcomm:qca6574auqualcomm:qca6574au_firmwarequalcomm:qcs405qualcomm:qcs405_firmwarequalcomm:qcs605qualcomm:qcs605_firmwarequalcomm:qualcomm_215qualcomm:qualcomm_215_firmwarequalcomm:sd_205qualcomm:sd_205_firmwarequalcomm:sd_210qualcomm:sd_210_firmwarequalcomm:sd_212qualcomm:sd_212_firmwarequalcomm:sd_425qualcomm:sd_425_firmwarequalcomm:sd_429qualcomm:sd_429_firmwarequalcomm:sd_439qualcomm:sd_439_firmwarequalcomm:sd_450qualcomm:sd_450_firmwarequalcomm:sd_600qualcomm:sd_600_firmwarequalcomm:sd_625qualcomm:sd_625_firmwarequalcomm:sd_632qualcomm:sd_632_firmwarequalcomm:sd_636qualcomm:sd_636_firmwarequalcomm:sd_665qualcomm:sd_665_firmwarequalcomm:sd_670qualcomm:sd_670_firmwarequalcomm:sd_675qualcomm:sd_675_firmwarequalcomm:sd_710qualcomm:sd_710_firmwarequalcomm:sd_712qualcomm:sd_712_firmwarequalcomm:sd_730qualcomm:sd_730_firmwarequalcomm:sd_820qualcomm:sd_820_firmwarequalcomm:sd_820aqualcomm:sd_820a_firmwarequalcomm:sd_835qualcomm:sd_835_firmwarequalcomm:sd_845qualcomm:sd_845_firmwarequalcomm:sd_850qualcomm:sd_850_firmwarequalcomm:sd_855qualcomm:sd_855_firmwarequalcomm:sda660qualcomm:sda660_firmwarequalcomm:sdm439qualcomm:sdm439_firmwarequalcomm:sdm630qualcomm:sdm630_firmwarequalcomm:sdm660qualcomm:sdm660_firmwarequalcomm:sdx20qualcomm:sdx20_firmware

Weaknesses (CWE)

CWE-119CWE-908

References

https://source.android.com/security/bulletin/(product-security@qualcomm.com)
https://source.android.com/security/bulletin/(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.