CVE-2019-2302

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description The issue occurs while processing a vendor command that contains a corrupted channel count, leading to an integer overflow and ultimately a heap overflow. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables, in multiple chipsets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.