CVE-2019-2248

EPSS 0.05%
Published 24.05.2019 17:29:02
Last modified 21.11.2024 04:40:31
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 820, SD 820A, SD 845 / SD 850, SDM439, SDM660, SDX20

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Mdm9150 Firmware Version-

Qualcomm ≫ Mdm9150 Version-

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Qualcomm ≫ Mdm9650 Firmware Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Msm8909w Firmware Version-

Qualcomm ≫ Msm8909w Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Sd 210 Firmware Version-

Qualcomm ≫ Sd 210 Version-

Qualcomm ≫ Sd 212 Firmware Version-

Qualcomm ≫ Sd 212 Version-

Qualcomm ≫ Sd 205 Firmware Version-

Qualcomm ≫ Sd 205 Version-

Qualcomm ≫ Sd 425 Firmware Version-

Qualcomm ≫ Sd 425 Version-

Qualcomm ≫ Sd 427 Firmware Version-

Qualcomm ≫ Sd 427 Version-

Qualcomm ≫ Sd 430 Firmware Version-

Qualcomm ≫ Sd 430 Version-

Qualcomm ≫ Sd 435 Firmware Version-

Qualcomm ≫ Sd 435 Version-

Qualcomm ≫ Sd 439 Firmware Version-

Qualcomm ≫ Sd 439 Version-

Qualcomm ≫ Sd 429 Firmware Version-

Qualcomm ≫ Sd 429 Version-

Qualcomm ≫ Sd 450 Firmware Version-

Qualcomm ≫ Sd 450 Version-

Qualcomm ≫ Sd 615 Firmware Version-

Qualcomm ≫ Sd 615 Version-

Qualcomm ≫ Sd 616 Firmware Version-

Qualcomm ≫ Sd 616 Version-

Qualcomm ≫ Sd 415 Firmware Version-

Qualcomm ≫ Sd 415 Version-

Qualcomm ≫ Sd 625 Firmware Version-

Qualcomm ≫ Sd 625 Version-

Qualcomm ≫ Sd 632 Firmware Version-

Qualcomm ≫ Sd 632 Version-

Qualcomm ≫ Sd 636 Firmware Version-

Qualcomm ≫ Sd 636 Version-

Qualcomm ≫ Sd 650 Firmware Version-

Qualcomm ≫ Sd 650 Version-

Qualcomm ≫ Sd 652 Firmware Version-

Qualcomm ≫ Sd 652 Version-

Qualcomm ≫ Sd 820 Firmware Version-

Qualcomm ≫ Sd 820 Version-

Qualcomm ≫ Sd 820a Firmware Version-

Qualcomm ≫ Sd 820a Version-

Qualcomm ≫ Sd 845 Firmware Version-

Qualcomm ≫ Sd 845 Version-

Qualcomm ≫ Sd 850 Firmware Version-

Qualcomm ≫ Sd 850 Version-

Qualcomm ≫ Sdm439 Firmware Version-

Qualcomm ≫ Sdm439 Version-

Qualcomm ≫ Sdm660 Firmware Version-

Qualcomm ≫ Sdm660 Version-

Qualcomm ≫ Sdx20 Firmware Version-

Qualcomm ≫ Sdx20 Version-

Qualcomm ≫ 215 Firmware Version-

Qualcomm ≫ 215 Version-

Qualcomm ≫ Qm215 Firmware Version-

Qualcomm ≫ Qm215 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.105

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-2248

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-2248

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-2248

EUVD