#VU109309 Improper Validation of Array Index in Qualcomm products - CVE-2019-10629
Published: May 17, 2025
Vulnerability identifier: #VU109309
Vulnerability risk:
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:/VI:/VA:/SC:N/SI:N/SA:N/E:U/U:
CVE-ID: CVE-2019-10629
CWE-ID: CWE-129
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Bitra
IPQ6018
MDM9205
QCA8081
QCS404
QCS610
SA415M
SC7180
SDM850
IPQ8074
Nicobar
QCN7605
QCS405
QCS605
Rennell
SA6155P
Saipan
SC8180X
SDA845
SDM670
SDM710
SDM845
SDX20
SDX24
SDX55
SM6150
SM7150
SM8150
SM8250
SXR1130
SXR2130
Bitra
IPQ6018
MDM9205
QCA8081
QCS404
QCS610
SA415M
SC7180
SDM850
IPQ8074
Nicobar
QCN7605
QCS405
QCS605
Rennell
SA6155P
Saipan
SC8180X
SDA845
SDM670
SDM710
SDM845
SDX20
SDX24
SDX55
SM6150
SM7150
SM8150
SM8250
SXR1130
SXR2130
Software vendor:
Qualcomm
Qualcomm
Description
The vulnerability allows #AV# #AU# to #BASIC_IMPACT#.
The vulnerability exists due to improper input validation in kernel. #AV# #AU# can #EXT_IMPACT#.
Remediation
Install security update from vendor's website.