CVE-2019-2338

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description A crafted image with a valid signature from a non-QC entity can be loaded, allowing read and write access to memory belonging to the secure world. This issue affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wired Infrastructure and Networking, in multiple chipsets such as MDM9205, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130, and SXR2130.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.