CVE-2019-2302
EUVD-2019-1194406.11.2019, 17:15
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| qualcomm | apq8017_firmware | - |
| qualcomm | apq8053_firmware | - |
| qualcomm | apq8096au_firmware | - |
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9207c_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9640_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | msm8905_firmware | - |
| qualcomm | msm8909_firmware | - |
| qualcomm | msm8909w_firmware | - |
| qualcomm | msm8976_firmware | - |
| qualcomm | msm8996au_firmware | - |
| qualcomm | qca6174a_firmware | - |
| qualcomm | qca6574au_firmware | - |
| qualcomm | qca9377_firmware | - |
| qualcomm | qca9379_firmware | - |
| qualcomm | qcn7605_firmware | - |
| qualcomm | qcs405_firmware | - |
| qualcomm | qcs605_firmware | - |
| qualcomm | sda845_firmware | - |
| qualcomm | sdm636_firmware | - |
| qualcomm | sdm660_firmware | - |
| qualcomm | sdm670_firmware | - |
| qualcomm | sdm710_firmware | - |
| qualcomm | sdm845_firmware | - |
| qualcomm | sdx20_firmware | - |
| qualcomm | sdx24_firmware | - |
| qualcomm | sm6150_firmware | - |
| qualcomm | sm8150_firmware | - |
𝑥
= Vulnerable software versions