First published: Thu Nov 21 2019(Updated: )
Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm APQ8009W Firmware | ||
Qualcomm APQ8009W | ||
Qualcomm APQ8017 | ||
Qualcomm APQ8017 | ||
qualcomm apq8053-ac firmware | ||
Qualcomm APQ8053 Firmware | ||
Qualcomm APQ8096AU Firmware | ||
Qualcomm APQ8096AU Firmware | ||
qualcomm APQ8098 | ||
Qualcomm 8098 | ||
Qualcomm MDM9206 | ||
Qualcomm MDM9206 firmware | ||
qualcomm MDM9207C firmware | ||
Qualcomm 9207 LTE Modem | ||
Qualcomm MD9607 Firmware | ||
Qualcomm MDM9607 firmware | ||
qualcomm mdm9640 firmware | ||
Qualcomm MDM9640 | ||
Qualcomm MDM9650 | ||
Qualcomm MDM9650 firmware | ||
Qualcomm 8905 Firmware | ||
Qualcomm 8905 | ||
Qualcomm MSM8909W | ||
Qualcomm Snapdragon 8909 | ||
Qualcomm MSM8939 | ||
Qualcomm MSM8939 | ||
Qualcomm 8953 Firmware | ||
Qualcomm MSM8953 Firmware | ||
qualcomm MSM8996AU firmware | ||
Qualcomm MSM8996AU Firmware | ||
Qualcomm MSM8998 | ||
Qualcomm 8998 | ||
Qualcomm Nicobar | ||
Qualcomm Nicobar | ||
Qualcomm QCN7605 Firmware | ||
Qualcomm QCN7605 Firmware | ||
Qualcomm QCS405 Firmware | ||
Qualcomm QCS405 Firmware | ||
Qualcomm ZZ QCS605 firmware | ||
Qualcomm QCS605 Firmware | ||
Qualcomm 215 Firmware | ||
Qualcomm 215 | ||
Qualcomm SDA660 | ||
Qualcomm SDA660 | ||
Qualcomm SD845 Firmware | ||
Qualcomm Snapdragon 845 | ||
Qualcomm SDM429W | ||
Qualcomm SD429 | ||
qualcomm SDM439 firmware | ||
Qualcomm SDM439 Firmware | ||
qualcomm SDM630 firmware | ||
qualcomm SDM630 | ||
Qualcomm SDM632 | ||
Qualcomm SDM632 | ||
Qualcomm SD 636 Firmware | ||
Qualcomm SDM636 Firmware | ||
Qualcomm SD660 Firmware | ||
Qualcomm Snapdragon 660 | ||
Qualcomm SD710 Firmware | ||
Qualcomm Snapdragon 710 | ||
Qualcomm SDA/SDM845 Firmware | ||
Qualcomm Snapdragon 845 | ||
Qualcomm SDX20 Firmware | ||
Qualcomm SDX20 Firmware | ||
Qualcomm SDX24 | ||
Qualcomm SDX24 | ||
qualcomm SM6150P firmware | ||
Qualcomm SM6150P | ||
qualcomm SM7150 firmware | ||
qualcomm SM7150 firmware | ||
Qualcomm SM8150P Firmware | ||
Qualcomm SM8150 Fusion |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10486 has a high severity due to its potential for out of bounds access and the implications of a race condition.
To fix CVE-2019-10486, apply the firmware updates provided by Qualcomm for the affected Snapdragon products.
CVE-2019-10486 affects various Snapdragon platforms, including APQ8009, APQ8017, APQ8053, and others as detailed in the advisory.
The risks associated with CVE-2019-10486 include potential unauthorized access and system instability due to memory corruption.
Yes, additional information regarding CVE-2019-10486 can be found in Qualcomm's security bulletins.