Q & A

(1) Am I affected by the vulnerability?

We didn’t test all the Qualcomm chips. We only tested on the Google Pixel2/Pixel3. Results of our tests indicate that unpatched phones running on Qualcomm Snapdragon 835,845 may be vulnerable.

(2) What is the impact of this vulnerability?

In some circumstance, the Android Kernel could be compromised by attackers over-the-air.

(3) What is the CVE ID of this vulnerability?

The first issue (Compromise WLAN Issue) - CVE-2019-10539

The second issue (WLAN into Modem issue) - CVE-2019-10540

The third issue (Modem into Linux Kernel issue) - CVE-2019-10538

(4) Has “QualPwn” been abused in the wild?

We have not found this vulnerability to have a public full exploit code.

(5) Is there a workaround/fix?

We have reported all the details of the vulnerabilities to Google and Qualcomm who are have issued fixes. Qualcomm released a security bulletin to OEMs on 2019-6-03 describing the issues and requesting the OEMs to download and incorporate appropriate patches. Please check the security bulletin of Google and Qualcomm for further information and update.

Android security bulletin: (https://source.android.com/security/bulletin/2019-08-01)

Qualcomm security bulletin: (https://www.qualcomm.com/company/product-security/bulletins)

(6) Are there plans to disclose details of the vulnerability?

Not yet. We follow the responsible vulnerability disclosure process and will not disclose details of the vulnerabilities until we’re informed that the flaws are fixed and consumers have time to install security updates on their devices.

(7)Does Qualcomm have a statement on the issue?

“Providing technologies that support robust security and privacy is a priority for Qualcomm. We commend the security researchers from Tencent for using industry-standard coordinated disclosure practices through our Vulnerability Rewards Program. Qualcomm Technologies has already issued fixes to OEMs, and we encourage end users to update their devices as patches become available from OEMs.”