Vulnerability
CVE-2019-10556
Component: GPU
Location: OS
Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some cases in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8909W, MSM8917, MSM8953, Nicobar, QCN7605, QCS405, QCS605, QM215, Rennell, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Impact
Severity (Manufact.)
N/A
Severity (NIST)
7.8
Severity (Android)
N/A
Chipsets
15
Devices
769
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| QM215 | Qualcomm 215 | Qualcomm |
| MSM8917 | Snapdragon 425 | Qualcomm |
| SDM429 | Snapdragon 429 | Qualcomm |
| SDM439 | Snapdragon 439 | Qualcomm |
| SDM450 | Snapdragon 450 | Qualcomm |
| MSM8953 | Snapdragon 625 | Qualcomm |
| SDM632 | Snapdragon 632 | Qualcomm |
| SDM670 | Snapdragon 670 | Qualcomm |
| SM6150 | Snapdragon 675 | Qualcomm |
| SDM710 | Snapdragon 710 | Qualcomm |
15 of 15 row(s) shown.
Rows per page
Page 1 of 2
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Apr 1, 2016
Reported:
Dec 21, 2018
Advisory Published:
Apr 6, 2020
CVE Published:
Apr 16, 2020
Android Patch Level:
None
