CVE-2019-2314

CVE Database · CVE-2019-2314

CVE-2019-2314

· N/AModified

CVSS v3.1

N/A

EPSS

0.13%

Published

Jul 25, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24

Weaknesses (CWE)

CWE-362CWE-416

Affected Products (48)

qualcomm · msm8909w_firmwarevulnerable

qualcomm · msm8909w

qualcomm · qcs405_firmwarevulnerable

qualcomm · qcs405

qualcomm · qcs605_firmwarevulnerable

qualcomm · qcs605

qualcomm · qualcomm_215_firmwarevulnerable

qualcomm · qualcomm_215

qualcomm · sd_425_firmwarevulnerable

qualcomm · sd_425

qualcomm · sd_439_firmwarevulnerable

· sd_439

References (2)

https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

PatchThird Party Advisory

https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

PatchThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs