How severe is CVE-2019-10600?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2019-10600?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2019-10600

HIGH Year: 2019

CVSS v3 Score

7.8

High

CVSS v2 Score

7.2

High

Weakness Type

CWE-476

View all →

Vulnerability Description

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVE-2008-2812

HIGH

CVSS:7.8(High)

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL ...

CWE-4762008

CVE-2009-2698

HIGH

CVSS:7.8(High)

The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NU...

CWE-4762009

CVE-2009-2768

HIGH

CVSS:7.8(High)

The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and syst...

CWE-4762009

CVE-2009-3620

HIGH

CVSS:7.8(High)

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of ...

CWE-4762009

CVE-2010-2798

HIGH

CVSS:7.8(High)

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users...

CWE-4762010

CVE-2010-2960

HIGH

CVSS:7.8(High)

The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denia...

CWE-4762010

CVE-2019-10600

Vulnerability Description

Related Vulnerabilities

CVE-2008-2812

CVE-2009-2698

CVE-2009-2768

CVE-2009-3620

CVE-2010-2798

CVE-2010-2960