CVE-2019-10616

Moderate 5.5

Possibility of null pointer access if the SPDM commands are executed in the non-standard way in TZ. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8998, SA6155P, SDX24

Published March 5, 2020.

Affected software

Qualcomm Sdx24 Firmware

Qualcomm Mdm9150 Firmware

Qualcomm Mdm9607 Firmware

Qualcomm Msm8998 Firmware

Qualcomm Msm8909 Firmware

Qualcomm Mdm9650 Firmware

Qualcomm Msm8905 Firmware

Qualcomm Sa6155p Firmware

Qualcomm Mdm9206 Firmware

Qualcomm Apq8016 Firmware

Qualcomm Msm8909w Firmware

Qualcomm Apq8009 Firmware

Get alerts for Qualcomm Sdx24 Firmware

Reference links

https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin