cnvd - cnvd-2020-41778

CNVD-2020-41778

Vulnerability from cnvd - Published: 2020-07-23

Title

多款Qualcomm产品资源管理错误漏洞（CNVD-2020-41778）

Description

Qualcomm MSM8996AU等都是美国高通（Qualcomm）公司的一款中央处理器（CPU）产品。多款Qualcomm产品中的HLOS Data存在资源管理错误漏洞，本地攻击者可通过发送特制请求利用该漏洞执行任意代码或导致拒绝服务。

Severity

高

Patch Name

多款Qualcomm产品资源管理错误漏洞（CNVD-2020-41778）的补丁

Patch Description

Qualcomm MSM8996AU等都是美国高通（Qualcomm）公司的一款中央处理器（CPU）产品。多款Qualcomm产品中的HLOS Data存在资源管理错误漏洞，本地攻击者可通过发送特制请求利用该漏洞执行任意代码或导致拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin

Reference

https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin

Impacted products

Name
['Qualcomm MSM8909W', 'Qualcomm SDM429', 'Qualcomm SDM630', 'Qualcomm SDM632', 'Qualcomm SDM636', 'Qualcomm SDM660', 'Qualcomm MSM8996AU', 'Qualcomm SDA660', 'Qualcomm SXR1130', 'Qualcomm SDM439', 'Qualcomm QCS605', 'Qualcomm SM7150', 'Qualcomm QCA6574AU', 'Qualcomm Nicobar', 'Qualcomm APQ8009', 'Qualcomm SDM670', 'Qualcomm SM8150', 'Qualcomm SDM429W', 'Qualcomm APQ8053', 'Qualcomm APQ8096AU', 'Qualcomm MSM8917', 'Qualcomm MSM8920', 'Qualcomm MSM8937', 'Qualcomm MSM8940', 'Qualcomm MSM8953', 'Qualcomm SDM450', 'Qualcomm MSM8905', 'Qualcomm MSM8909', 'Qualcomm MSM8998', 'Qualcomm QM215', 'Qualcomm SDM710', 'Qualcomm SDM845', 'Qualcomm SM6150', 'Qualcomm MSM8939']

Name

['Qualcomm MSM8909W', 'Qualcomm SDM429', 'Qualcomm SDM630', 'Qualcomm SDM632', 'Qualcomm SDM636', 'Qualcomm SDM660', 'Qualcomm MSM8996AU', 'Qualcomm SDA660', 'Qualcomm SXR1130', 'Qualcomm SDM439', 'Qualcomm QCS605', 'Qualcomm SM7150', 'Qualcomm QCA6574AU', 'Qualcomm Nicobar', 'Qualcomm APQ8009', 'Qualcomm SDM670', 'Qualcomm SM8150', 'Qualcomm SDM429W', 'Qualcomm APQ8053', 'Qualcomm APQ8096AU', 'Qualcomm MSM8917', 'Qualcomm MSM8920', 'Qualcomm MSM8937', 'Qualcomm MSM8940', 'Qualcomm MSM8953', 'Qualcomm SDM450', 'Qualcomm MSM8905', 'Qualcomm MSM8909', 'Qualcomm MSM8998', 'Qualcomm QM215', 'Qualcomm SDM710', 'Qualcomm SDM845', 'Qualcomm SM6150', 'Qualcomm MSM8939']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10548",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-10548"
    }
  },
  "description": "Qualcomm MSM8996AU\u7b49\u90fd\u662f\u7f8e\u56fd\u9ad8\u901a\uff08Qualcomm\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u4ea7\u54c1\u3002\n\n\u591a\u6b3eQualcomm\u4ea7\u54c1\u4e2d\u7684HLOS Data\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-41778",
  "openTime": "2020-07-23",
  "patchDescription": "Qualcomm MSM8996AU\u7b49\u90fd\u662f\u7f8e\u56fd\u9ad8\u901a\uff08Qualcomm\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eQualcomm\u4ea7\u54c1\u4e2d\u7684HLOS Data\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eQualcomm\u4ea7\u54c1\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2020-41778\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Qualcomm MSM8909W",
      "Qualcomm SDM429",
      "Qualcomm SDM630",
      "Qualcomm SDM632",
      "Qualcomm SDM636",
      "Qualcomm SDM660",
      "Qualcomm MSM8996AU",
      "Qualcomm SDA660",
      "Qualcomm SXR1130",
      "Qualcomm SDM439",
      "Qualcomm QCS605",
      "Qualcomm SM7150",
      "Qualcomm QCA6574AU",
      "Qualcomm Nicobar",
      "Qualcomm APQ8009",
      "Qualcomm SDM670",
      "Qualcomm SM8150",
      "Qualcomm SDM429W",
      "Qualcomm APQ8053",
      "Qualcomm APQ8096AU",
      "Qualcomm MSM8917",
      "Qualcomm MSM8920",
      "Qualcomm MSM8937",
      "Qualcomm MSM8940",
      "Qualcomm MSM8953",
      "Qualcomm SDM450",
      "Qualcomm MSM8905",
      "Qualcomm MSM8909",
      "Qualcomm MSM8998",
      "Qualcomm QM215",
      "Qualcomm SDM710",
      "Qualcomm SDM845",
      "Qualcomm SM6150",
      "Qualcomm MSM8939"
    ]
  },
  "referenceLink": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin",
  "serverity": "\u9ad8",
  "submitTime": "2020-01-09",
  "title": "\u591a\u6b3eQualcomm\u4ea7\u54c1\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2020-41778\uff09"
}

CVE-2019-10548 (GCVE-0-2019-10548)

Vulnerability from cvelistv5 – Published: 2020-01-21 06:30 – Updated: 2024-08-04 22:24

Summary

While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130

Severity ?

No CVSS data available.

CWE

Use-After-Free Issue in HLOS Data

Assigner

qualcomm

References

URL

Tags

https://www.qualcomm.com/company/product-security…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables	Affected: APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:24:18.713Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Use-After-Free Issue in HLOS Data",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-21T06:30:45",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2019-10548",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Use-After-Free Issue in HLOS Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2019-10548",
    "datePublished": "2020-01-21T06:30:45",
    "dateReserved": "2019-03-29T00:00:00",
    "dateUpdated": "2024-08-04T22:24:18.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-41778

CVE-2019-10548 (GCVE-0-2019-10548)

Tags

Sightings

Nomenclature