7.8

CVE-2019-2277

EPSS 0.04%
Published 22.07.2019 14:15:11
Last modified 21.11.2024 04:40:36
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX24

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qcs605 Firmware Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Sd 210 Firmware Version-

Qualcomm ≫ Sd 210 Version-

Qualcomm ≫ Sd 212 Firmware Version-

Qualcomm ≫ Sd 212 Version-

Qualcomm ≫ Sd 205 Firmware Version-

Qualcomm ≫ Sd 205 Version-

Qualcomm ≫ Sd 425 Firmware Version-

Qualcomm ≫ Sd 425 Version-

Qualcomm ≫ Sd 427 Firmware Version-

Qualcomm ≫ Sd 427 Version-

Qualcomm ≫ Sd 430 Firmware Version-

Qualcomm ≫ Sd 430 Version-

Qualcomm ≫ Sd 435 Firmware Version-

Qualcomm ≫ Sd 435 Version-

Qualcomm ≫ Sd 450 Firmware Version-

Qualcomm ≫ Sd 450 Version-

Qualcomm ≫ Sd 625 Firmware Version-

Qualcomm ≫ Sd 625 Version-

Qualcomm ≫ Sd 636 Firmware Version-

Qualcomm ≫ Sd 636 Version-

Qualcomm ≫ Sd 665 Firmware Version-

Qualcomm ≫ Sd 665 Version-

Qualcomm ≫ Sd 675 Firmware Version-

Qualcomm ≫ Sd 675 Version-

Qualcomm ≫ Sd 712 Firmware Version-

Qualcomm ≫ Sd 712 Version-

Qualcomm ≫ Sd 710 Firmware Version-

Qualcomm ≫ Sd 710 Version-

Qualcomm ≫ Sd 670 Firmware Version-

Qualcomm ≫ Sd 670 Version-

Qualcomm ≫ Sd 730 Firmware Version-

Qualcomm ≫ Sd 730 Version-

Qualcomm ≫ Sd 820a Firmware Version-

Qualcomm ≫ Sd 820a Version-

Qualcomm ≫ Sd 835 Firmware Version-

Qualcomm ≫ Sd 835 Version-

Qualcomm ≫ Sd 845 Firmware Version-

Qualcomm ≫ Sd 845 Version-

Qualcomm ≫ Sd 850 Firmware Version-

Qualcomm ≫ Sd 850 Version-

Qualcomm ≫ Sd 855 Firmware Version-

Qualcomm ≫ Sd 855 Version-

Qualcomm ≫ Sda660 Firmware Version-

Qualcomm ≫ Sda660 Version-

Qualcomm ≫ Sdm630 Firmware Version-

Qualcomm ≫ Sdm630 Version-

Qualcomm ≫ Sdm660 Firmware Version-

Qualcomm ≫ Sdm660 Version-

Qualcomm ≫ Sdx24 Firmware Version-

Qualcomm ≫ Sdx24 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.096

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-2277

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-2277

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-2277

EUVD