1. Home
  2. CVE Database
  3. CVE-2019-10612
CRITICAL · 9.8

CVE-2019-10612

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapd...

Vulnerability Description

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MDM9650, QCS605, SA6155P, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommMdm9205 Firmware-
QualcommMdm9205-
QualcommMdm9650 Firmware-
QualcommMdm9650-
QualcommQcs605 Firmware-
QualcommQcs605-
QualcommSa6155P Firmware-
QualcommSa6155P-
QualcommSc8180X Firmware-
QualcommSc8180X-
QualcommSda845 Firmware-
QualcommSda845-
QualcommSdm670 Firmware-
QualcommSdm670-
QualcommSdm710 Firmware-
QualcommSdm710-
QualcommSdm845 Firmware-
QualcommSdm845-
QualcommSdm850 Firmware-
QualcommSdm850-

Related Weaknesses (CWE)

CWE-787

References

FAQ

What is CVE-2019-10612?

CVE-2019-10612 is a vulnerability with a CVSS score of 9.8 (CRITICAL). UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapd...

How severe is CVE-2019-10612?

CVE-2019-10612 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-10612?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9205 Firmware, Qualcomm Mdm9205, Qualcomm Mdm9650 Firmware, Qualcomm Mdm9650, Qualcomm Qcs605 Firmware.