CVE-2019-10629: Out-of-bounds Read
First published: Tue Sep 08 2020(Updated: )
u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm Bitra Firmware | ||
| Qualcomm Bitra | ||
| Qualcomm Ipq6018 Firmware | ||
| Qualcomm Ipq6018 | ||
| Qualcomm Ipq8074 Firmware | ||
| Qualcomm Ipq8074 | ||
| Qualcomm Mdm9205 Firmware | ||
| Qualcomm Mdm9205 | ||
| Qualcomm Nicobar Firmware | ||
| Qualcomm Nicobar | ||
| Qualcomm Qca8081 Firmware | ||
| Qualcomm Qca8081 | ||
| Qualcomm Qcn7605 Firmware | ||
| Qualcomm Qcn7605 | ||
| Qualcomm Qcs404 Firmware | ||
| Qualcomm Qcs404 | ||
| Qualcomm Qcs405 Firmware | ||
| Qualcomm Qcs405 | ||
| Qualcomm Qcs605 Firmware | ||
| Qualcomm Qcs605 | ||
| Qualcomm Qcs610 Firmware | ||
| Qualcomm Qcs610 | ||
| Qualcomm Rennell Firmware | ||
| Qualcomm Rennell | ||
| Qualcomm Sa415m Firmware | ||
| Qualcomm Sa415m | ||
| Qualcomm Sa6155p Firmware | ||
| Qualcomm Sa6155p | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm Saipan | ||
| Qualcomm Sc7180 Firmware | ||
| Qualcomm Sc7180 | ||
| Qualcomm Sc8180x Firmware | ||
| Qualcomm Sc8180x | ||
| Qualcomm Sda845 Firmware | ||
| Qualcomm Sda845 | ||
| Qualcomm Sdm670 Firmware | ||
| Qualcomm Sdm670 | ||
| Qualcomm Sdm710 Firmware | ||
| Qualcomm Sdm710 | ||
| Qualcomm Sdm845 Firmware | ||
| Qualcomm Sdm845 | ||
| Qualcomm Sdm850 Firmware | ||
| Qualcomm Sdm850 | ||
| Qualcomm Sdx20 Firmware | ||
| Qualcomm Sdx20 | ||
| Qualcomm Sdx24 Firmware | ||
| Qualcomm Sdx24 | ||
| Qualcomm Sdx55 Firmware | ||
| Qualcomm Sdx55 | ||
| Qualcomm Sm6150 Firmware | ||
| Qualcomm Sm6150 | ||
| Qualcomm Sm7150 Firmware | ||
| Qualcomm Sm7150 | ||
| Qualcomm Sm8150 Firmware | ||
| Qualcomm Sm8150 | ||
| Qualcomm Sm8250 Firmware | ||
| Qualcomm SM8250 | ||
| Qualcomm Sxr1130 Firmware | ||
| Qualcomm Sxr1130 | ||
| Qualcomm Sxr2130 Firmware | ||
| Qualcomm Sxr2130 | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
- https://source.android.com/docs/security/bulletin/2020-09-01/#asterisk
- https://source.android.com/docs/security/bulletin/2020-09-01 (Advisory)
Frequently Asked Questions
What is CVE-2019-10629?
CVE-2019-10629 is a vulnerability that allows a user process to potentially corrupt a kernel virtual page by passing a crafted page in an API.
Which software is affected by CVE-2019-10629?
CVE-2019-10629 affects Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music.
What is the severity of CVE-2019-10629?
The severity of CVE-2019-10629 is critical with a CVSS score of 7.8.
How can I fix CVE-2019-10629?
To fix CVE-2019-10629, it is recommended to follow the security patches provided by Qualcomm and Google Android.
Where can I find more information about CVE-2019-10629?
More information about CVE-2019-10629 can be found on the Qualcomm website and the Android Open Source Project website.
- agent/references
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/qualcomm
- canonical/qualcomm bitra firmware
- canonical/qualcomm bitra
- canonical/qualcomm ipq6018 firmware
- canonical/qualcomm ipq6018
- canonical/qualcomm ipq8074 firmware
- canonical/qualcomm ipq8074
- canonical/qualcomm mdm9205 firmware
- canonical/qualcomm mdm9205
- canonical/qualcomm nicobar firmware
- canonical/qualcomm nicobar
- canonical/qualcomm qca8081 firmware
- canonical/qualcomm qca8081
- canonical/qualcomm qcn7605 firmware
- canonical/qualcomm qcn7605
- canonical/qualcomm qcs404 firmware
- canonical/qualcomm qcs404
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs405
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm qcs605
- canonical/qualcomm qcs610 firmware
- canonical/qualcomm qcs610
- canonical/qualcomm rennell firmware
- canonical/qualcomm rennell
- canonical/qualcomm sa415m firmware
- canonical/qualcomm sa415m
- canonical/qualcomm sa6155p firmware
- canonical/qualcomm sa6155p
- canonical/qualcomm saipan firmware
- canonical/qualcomm saipan
- canonical/qualcomm sc7180 firmware
- canonical/qualcomm sc7180
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sda845 firmware
- canonical/qualcomm sda845
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sdm670
- canonical/qualcomm sdm710 firmware
- canonical/qualcomm sdm710
- canonical/qualcomm sdm845 firmware
- canonical/qualcomm sdm845
- canonical/qualcomm sdm850 firmware
- canonical/qualcomm sdm850
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sdx20
- canonical/qualcomm sdx24 firmware
- canonical/qualcomm sdx24
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sdx55
- canonical/qualcomm sm6150 firmware
- canonical/qualcomm sm6150
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm7150
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sm8150
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sm8250
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr2130 firmware
- canonical/qualcomm sxr2130
- vendor/google
- canonical/google android