CVE-2019-2272

CVE Database · CVE-2019-2272

CVE-2019-2272

· N/AModified

CVSS v3.1

N/A

EPSS

0.20%

Published

Jul 25, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow can occur in display function due to lack of validation of header block size set by user. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SDM660, SDX20

Weaknesses (CWE)

CWE-119

Affected Products (56)

qualcomm · mdm9206_firmwarevulnerable

qualcomm · mdm9206

qualcomm · mdm9607_firmwarevulnerable

qualcomm · mdm9607

qualcomm · mdm9650_firmwarevulnerable

qualcomm · mdm9650

qualcomm · msm8909w_firmwarevulnerable

qualcomm · msm8909w

qualcomm · msm8996au_firmwarevulnerable

qualcomm · msm8996au

qualcomm · sd_210_firmwarevulnerable

· sd_210

References (2)

https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

PatchThird Party Advisory

https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

PatchThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs