CVE-2019-2302
06.11.2019, 17:15
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | apq8017_firmware | - |
| qualcomm | apq8053_firmware | - |
| qualcomm | apq8096au_firmware | - |
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9207c_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9640_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | msm8905_firmware | - |
| qualcomm | msm8909_firmware | - |
| qualcomm | msm8909w_firmware | - |
| qualcomm | msm8976_firmware | - |
| qualcomm | msm8996au_firmware | - |
| qualcomm | qca6174a_firmware | - |
| qualcomm | qca6574au_firmware | - |
| qualcomm | qca9377_firmware | - |
| qualcomm | qca9379_firmware | - |
| qualcomm | qcn7605_firmware | - |
| qualcomm | qcs405_firmware | - |
| qualcomm | qcs605_firmware | - |
| qualcomm | sda845_firmware | - |
| qualcomm | sdm636_firmware | - |
| qualcomm | sdm660_firmware | - |
| qualcomm | sdm670_firmware | - |
| qualcomm | sdm710_firmware | - |
| qualcomm | sdm845_firmware | - |
| qualcomm | sdx20_firmware | - |
| qualcomm | sdx24_firmware | - |
| qualcomm | sm6150_firmware | - |
| qualcomm | sm8150_firmware | - |
𝑥
= Vulnerable software versions