CVE-2019-10538: Input Validation
First published: Mon Aug 05 2019(Updated: )
Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Msm8996au | ||
| Qualcomm Qcs405 Firmware | ||
| Google Android | ||
| Qualcomm Qcs605 Firmware | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Qualcomm 215 | ||
| Qualcomm Sd 425 Firmware | ||
| Qualcomm Sd 425 | ||
| Qualcomm Sd 439 Firmware | ||
| Qualcomm Sd 439 | ||
| Qualcomm Sd 429 Firmware | ||
| Qualcomm Sd 429 | ||
| Qualcomm Sd 450 Firmware | ||
| Qualcomm Sd 450 | ||
| Qualcomm Sd 625 Firmware | ||
| Qualcomm Sd 625 | ||
| Qualcomm Sd 632 Firmware | ||
| Qualcomm Sd 632 | ||
| Qualcomm Sd 636 Firmware | ||
| Qualcomm Sd 636 | ||
| Qualcomm Sd 665 Firmware | ||
| Qualcomm Sd 665 | ||
| Google Android | ||
| Qualcomm Sd 675 | ||
| Qualcomm Sd 712 Firmware | ||
| Qualcomm Sd 712 | ||
| Qualcomm Sd 710 Firmware | ||
| Qualcomm Sd 710 | ||
| Qualcomm Sd 670 Firmware | ||
| Qualcomm Sd 670 | ||
| Qualcomm Sd 730 Firmware | ||
| Qualcomm Sd 730 | ||
| Qualcomm Sd 820a Firmware | ||
| Qualcomm Sd 820a | ||
| Qualcomm Sd 845 Firmware | ||
| Qualcomm Sd 845 | ||
| Qualcomm Sd 850 Firmware | ||
| Qualcomm Sd 850 | ||
| Qualcomm Sd 855 Firmware | ||
| Qualcomm Sd 855 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sdm439 Firmware | ||
| Qualcomm Sdm439 | ||
| Qualcomm Sdm660 Firmware | ||
| Qualcomm Sdm660 | ||
| Google Android | ||
| Qualcomm Sdx20 | ||
| Qualcomm Sdx24 Firmware | ||
| Google Android | ||
Remedy
https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-10538?
CVE-2019-10538 is a vulnerability that allows a modem to respond arbitrary pages into its address range, compromising the HLOS in various Qualcomm Snapdragon platforms.
What software is affected by CVE-2019-10538?
The affected software includes Qualcomm MSM8909W Firmware, Qualcomm MSM8996AU Firmware, Qualcomm QCS405 Firmware, Qualcomm QCS605 Firmware, Qualcomm Qualcomm 215 Firmware, Qualcomm SD 425 Firmware, Qualcomm SD 439 Firmware, Qualcomm SD 429 Firmware, Qualcomm SD 450 Firmware, Qualcomm SD 625 Firmware, Qualcomm SD 632 Firmware, Qualcomm SD 636 Firmware, Qualcomm SD 665 Firmware, Qualcomm SD 712 Firmware, Qualcomm SD 710 Firmware, Qualcomm SD 670 Firmware, Qualcomm SD 730 Firmware, Qualcomm SD 820a Firmware, Qualcomm SD 845 Firmware, Qualcomm SD 850 Firmware, Qualcomm SD 855 Firmware, Qualcomm SDA660 Firmware, Qualcomm SDM439 Firmware, Qualcomm SDM660 Firmware, and Qualcomm SDX24 Firmware.
What is the severity of CVE-2019-10538?
CVE-2019-10538 has a severity rating of 9.8, which is considered critical.
How can CVE-2019-10538 be exploited?
CVE-2019-10538 can be exploited by an attacker using a firmware response to inject arbitrary pages into the modem's address range.
Are there any references available for CVE-2019-10538?
Yes, you can find references for CVE-2019-10538 at the following links: - [Commit Details](https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=e0d510ff0fcb0778571579635b53ddd7e4caeb24) - [Android Security Bulletin - August 2019](https://source.android.com/docs/security/bulletin/2019-08-01) - [Code Aurora Security Bulletin - August 2019](https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin)
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/references
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm msm8996au
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm qualcomm 215
- canonical/qualcomm sd 425 firmware
- canonical/qualcomm sd 425
- canonical/qualcomm sd 439 firmware
- canonical/qualcomm sd 439
- canonical/qualcomm sd 429 firmware
- canonical/qualcomm sd 429
- canonical/qualcomm sd 450 firmware
- canonical/qualcomm sd 450
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm sd 625
- canonical/qualcomm sd 632 firmware
- canonical/qualcomm sd 632
- canonical/qualcomm sd 636 firmware
- canonical/qualcomm sd 636
- canonical/qualcomm sd 665 firmware
- canonical/qualcomm sd 665
- canonical/qualcomm sd 675
- canonical/qualcomm sd 712 firmware
- canonical/qualcomm sd 712
- canonical/qualcomm sd 710 firmware
- canonical/qualcomm sd 710
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sd 670
- canonical/qualcomm sd 730 firmware
- canonical/qualcomm sd 730
- canonical/qualcomm sd 820a firmware
- canonical/qualcomm sd 820a
- canonical/qualcomm sd 845 firmware
- canonical/qualcomm sd 845
- canonical/qualcomm sd 850 firmware
- canonical/qualcomm sd 850
- canonical/qualcomm sd 855 firmware
- canonical/qualcomm sd 855
- canonical/qualcomm sdm439 firmware
- canonical/qualcomm sdm439
- canonical/qualcomm sdm660 firmware
- canonical/qualcomm sdm660
- canonical/qualcomm sdx20
- canonical/qualcomm sdx24 firmware
- vendor/google