CVE-2019-10535 Information

Description

Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto Snapdragon Compute Snapdragon Consumer Electronics Connectivity Snapdragon Consumer IOT Snapdragon Industrial IOT Snapdragon Mobile Snapdragon Voice & Music in APQ8053 APQ8096AU APQ8098 MDM9640 MSM8996AU MSM8998 QCA6574AU QCN7605 QCS405 QCS605 SDA845 SDM845 SDX20

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.5