Vulnerability Description
BT process died and BT toggled due to null pointer dereference when invalid vendor pass through command sent from remote in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Qcs405 Firmware | - |
| Qualcomm | Qcs405 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Sd 636 Firmware | - |
| Qualcomm | Sd 636 | - |
| Qualcomm | Sd 675 Firmware | - |
| Qualcomm | Sd 675 | - |
| Qualcomm | Sd 730 Firmware | - |
| Qualcomm | Sd 730 | - |
| Qualcomm | Sd 820A Firmware | - |
| Qualcomm | Sd 820A | - |
| Qualcomm | Sd 835 Firmware | - |
| Qualcomm | Sd 835 | - |
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
| Qualcomm | Sd 855 Firmware | - |
| Qualcomm | Sd 855 | - |
Related Weaknesses (CWE)
References
- https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-PatchThird Party Advisory
FAQ
What is CVE-2019-10510?
CVE-2019-10510 is a vulnerability with a CVSS score of 8.2 (HIGH). BT process died and BT toggled due to null pointer dereference when invalid vendor pass through command sent from remote in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voic...
How severe is CVE-2019-10510?
CVE-2019-10510 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10510?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Qcs405 Firmware, Qualcomm Qcs405, Qualcomm Qcs605 Firmware, Qualcomm Qcs605, Qualcomm Sd 636 Firmware.