Snapdragon Auto Improper Input Validation Vulnerability

Summary

The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map which happens to be at same physical address.

Credit:

The information has been provided by Vendor

The original article can be found at:https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin


Details

The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map which happens to be at same physical address in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

 

Vulnerable Systems:

Snapdragon Auto

Snapdragon Consumer IOT

Snapdragon Industrial IOT

Snapdragon Mobile

Snapdragon Voice & Music

 

CVE Information:

CVE-2019-14010

 

Disclosure Timeline:
Published Date:1/21/2020

Categories: FeaturedNews