CVE-2019-2328

CVE Database · CVE-2019-2328

CVE-2019-2328

· N/AModified

CVSS v3.1

N/A

EPSS

0.24%

Published

Jul 25, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Possible buffer overflow when number of channels passed is more than size of channel mapping array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Weaknesses (CWE)

CWE-119

Affected Products (90)

qualcomm · mdm9150_firmwarevulnerable

qualcomm · mdm9150

qualcomm · mdm9206_firmwarevulnerable

qualcomm · mdm9206

qualcomm · mdm9607_firmwarevulnerable

qualcomm · mdm9607

qualcomm · mdm9640_firmwarevulnerable

qualcomm · mdm9640

qualcomm · mdm9650_firmwarevulnerable

qualcomm · mdm9650

qualcomm · msm8909w_firmwarevulnerable

· msm8909w

References (2)

https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

PatchThird Party Advisory

https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

PatchThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs