What is the severity of CVE-2019-10589?

CVE-2019-10589 has been classified with a moderate severity level due to the potential for buffer overflow exploits.

How do I fix CVE-2019-10589?

To resolve CVE-2019-10589, users should update their devices to the latest firmware provided by Qualcomm or the device manufacturer.

Which devices are impacted by CVE-2019-10589?

CVE-2019-10589 affects multiple Qualcomm chipsets used in various Android devices including those running Snapdragon Auto, Snapdragon Compute, and Snapdragon Mobile.

What potential consequences does CVE-2019-10589 pose?

CVE-2019-10589 can lead to exploitation possibilities like unauthorized access or system crashes due to buffer overflows.

Is CVE-2019-10589 publicly disclosed?

Yes, CVE-2019-10589 is a publicly disclosed vulnerability and is available in security bulletins from Qualcomm and Android.

Vulnerability/
CVE-2019-10589

critical

CWE

120

6/4/2020

16/4/2020

4/8/2024

CVE-2019-10589

First published: Mon Apr 06 2020(Updated: )

Lack of length check of response buffer can lead to buffer over-flow while GP command response buffer handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, MDM9206, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
Qualcomm APQ8017
Qualcomm APQ8017
qualcomm apq8053-ac firmware
Qualcomm APQ8053 Firmware
qualcomm APQ8098
Qualcomm 8098
Qualcomm MDM9206
Qualcomm MDM9206 firmware
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
Qualcomm MSM8917
Qualcomm MSM8917 Firmware
Qualcomm 8920 Firmware
Qualcomm 8920
Qualcomm 8937 Firmware
qualcomm MSM8937 firmware
qualcomm MSM8940 firmware
Qualcomm 8940
Qualcomm 8953 Firmware
Qualcomm MSM8953 Firmware
Qualcomm MSM8998
Qualcomm 8998
Qualcomm 215 Firmware
Qualcomm 215
Qualcomm SDA660
Qualcomm SDA660
Qualcomm SDM429W
Qualcomm SD429
qualcomm SDM439 firmware
Qualcomm SDM439 Firmware
Qualcomm SD 450 Firmware
Qualcomm Snapdragon 450
qualcomm SDM630 firmware
qualcomm SDM630
Qualcomm SDM632
Qualcomm SDM632
Qualcomm SD 636 Firmware
Qualcomm SDM636 Firmware
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-10589?
CVE-2019-10589 has been classified with a moderate severity level due to the potential for buffer overflow exploits.
How do I fix CVE-2019-10589?
To resolve CVE-2019-10589, users should update their devices to the latest firmware provided by Qualcomm or the device manufacturer.
Which devices are impacted by CVE-2019-10589?
CVE-2019-10589 affects multiple Qualcomm chipsets used in various Android devices including those running Snapdragon Auto, Snapdragon Compute, and Snapdragon Mobile.
What potential consequences does CVE-2019-10589 pose?
CVE-2019-10589 can lead to exploitation possibilities like unauthorized access or system crashes due to buffer overflows.
Is CVE-2019-10589 publicly disclosed?
Yes, CVE-2019-10589 is a publicly disclosed vulnerability and is available in security bulletins from Qualcomm and Android.