CVE-2019-10626: Buffer Overflow
First published: Mon Jun 22 2020(Updated: )
Payload size is not validated before reading memory that may cause issue of accessing invalid pointer or some garbage data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429W, SDM439, SDM670, SDM710, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Qualcomm Apq8009 | ||
| Google Android | ||
| Qualcomm Apq8017 | ||
| Qualcomm Apq8053 Firmware | ||
| Qualcomm Apq8053 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Apq8098 | ||
| Qualcomm Ipq4019 Firmware | ||
| Qualcomm Ipq4019 | ||
| Google Android | ||
| Qualcomm Ipq6018 | ||
| Qualcomm Ipq8064 Firmware | ||
| Qualcomm Ipq8064 | ||
| Qualcomm Ipq8074 Firmware | ||
| Qualcomm Ipq8074 | ||
| Qualcomm Mdm9206 Firmware | ||
| Qualcomm Mdm9206 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Mdm9607 | ||
| Qualcomm Mdm9640 Firmware | ||
| Qualcomm Mdm9640 | ||
| Qualcomm Mdm9650 Firmware | ||
| Qualcomm Mdm9650 | ||
| Qualcomm Msm8909w Firmware | ||
| Qualcomm Msm8909w | ||
| Qualcomm Msm8996au Firmware | ||
| Qualcomm Msm8996au | ||
| Qualcomm Qcs405 Firmware | ||
| Qualcomm Qcs405 | ||
| Qualcomm Qcs605 Firmware | ||
| Google Android | ||
| Qualcomm Rennell Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sc8180x Firmware | ||
| Qualcomm Sc8180x | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sda845 Firmware | ||
| Qualcomm Sda845 | ||
| Qualcomm Sdm429w Firmware | ||
| Qualcomm Sdm429w | ||
| Qualcomm Sdm439 Firmware | ||
| Qualcomm Sdm439 | ||
| Qualcomm Sdm670 Firmware | ||
| Qualcomm Sdm670 | ||
| Qualcomm Sdm710 Firmware | ||
| Qualcomm Sdm710 | ||
| Qualcomm Sdx20 Firmware | ||
| Qualcomm Sdx20 | ||
| Qualcomm Sdx24 Firmware | ||
| Google Android | ||
| Qualcomm Sdx55 Firmware | ||
| Qualcomm Sdx55 | ||
| Qualcomm Sm8150 Firmware | ||
| Qualcomm Sm8150 | ||
| Qualcomm Sm8250 Firmware | ||
| Qualcomm SM8250 | ||
| Qualcomm Sxr1130 Firmware | ||
| Qualcomm Sxr1130 | ||
| Qualcomm Sxr2130 Firmware | ||
| Qualcomm Sxr2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-10626?
CVE-2019-10626 is a vulnerability that allows attackers to access invalid pointers or garbage data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, and Snapdragon Wired Infrastructure.
What is the severity of CVE-2019-10626?
The severity of CVE-2019-10626 is medium with a CVSS score of 5.5.
Which software is affected by CVE-2019-10626?
CVE-2019-10626 affects Qualcomm products including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, and Snapdragon Wired Infrastructure.
How does CVE-2019-10626 affect Qualcomm products?
CVE-2019-10626 allows attackers to potentially access invalid pointers or garbage data in Qualcomm products, which may lead to security issues.
Is there a fix available for CVE-2019-10626?
For information on available fixes for CVE-2019-10626, please refer to the official Qualcomm June 2020 Bulletin.
- agent/type
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm apq8009
- canonical/qualcomm apq8017
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm apq8053
- canonical/qualcomm apq8098
- canonical/qualcomm ipq4019 firmware
- canonical/qualcomm ipq4019
- canonical/qualcomm ipq6018
- canonical/qualcomm ipq8064 firmware
- canonical/qualcomm ipq8064
- canonical/qualcomm ipq8074 firmware
- canonical/qualcomm ipq8074
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9607
- canonical/qualcomm mdm9640 firmware
- canonical/qualcomm mdm9640
- canonical/qualcomm mdm9650 firmware
- canonical/qualcomm mdm9650
- canonical/qualcomm msm8909w firmware
- canonical/qualcomm msm8909w
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm msm8996au
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs405
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm rennell firmware
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sda845 firmware
- canonical/qualcomm sda845
- canonical/qualcomm sdm429w firmware
- canonical/qualcomm sdm429w
- canonical/qualcomm sdm439 firmware
- canonical/qualcomm sdm439
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sdm670
- canonical/qualcomm sdm710 firmware
- canonical/qualcomm sdm710
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sdx20
- canonical/qualcomm sdx24 firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sdx55
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sm8150
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sm8250
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr2130 firmware
- canonical/qualcomm sxr2130