PT-2019-16405 · Qualcomm · Sda660+43

Published

2019-07-25

·

Updated

2020-08-24

·

CVE-2019-2343

CVSS v2.0

2.1

Low

VectorAV:L/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions prior to the fixed version Qualcomm Snapdragon Compute versions prior to the fixed version Qualcomm Snapdragon Connectivity versions prior to the fixed version Qualcomm Snapdragon Consumer IOT versions prior to the fixed version Qualcomm Snapdragon Industrial IOT versions prior to the fixed version Qualcomm Snapdragon Mobile versions prior to the fixed version Qualcomm Snapdragon Voice & Music versions prior to the fixed version Qualcomm Snapdragon Wearables versions prior to the fixed version MSM8909W version prior to the fixed version MSM8996AU version prior to the fixed version QCS605 version prior to the fixed version Qualcomm 215 version prior to the fixed version SD 210/SD 212/SD 205 versions prior to the fixed version SD 425 version prior to the fixed version SD 427 version prior to the fixed version SD 430 version prior to the fixed version SD 435 version prior to the fixed version SD 439 / SD 429 versions prior to the fixed version SD 450 version prior to the fixed version SD 625 version prior to the fixed version SD 632 version prior to the fixed version SD 636 version prior to the fixed version SD 665 version prior to the fixed version SD 675 version prior to the fixed version SD 712 / SD 710 / SD 670 versions prior to the fixed version SD 730 version prior to the fixed version SD 820 version prior to the fixed version SD 820A version prior to the fixed version SD 835 version prior to the fixed version SD 845 / SD 850 versions prior to the fixed version SD 855 version prior to the fixed version SD 8CX version prior to the fixed version SDA660 version prior to the fixed version SDM439 version prior to the fixed version SDM630 version prior to the fixed version SDM660 version prior to the fixed version Snapdragon High Med 2016 version prior to the fixed version SXR1130 version prior to the fixed version
Description The issue is related to an out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2019-2343

Affected Products

Msm8909W
Msm8996Au
Qcs605
Qualcomm 215
Qualcomm Snapdragon Auto
Qualcomm Snapdragon Compute
Qualcomm Snapdragon Connectivity
Qualcomm Snapdragon Consumer Iot
Qualcomm Snapdragon Industrial Iot
Qualcomm Snapdragon Mobile
Qualcomm Snapdragon Voice & Music
Qualcomm Snapdragon Wearables
Sd 205
Sd 210
Sd 212
Sd 425
Sd 427
Sd 429
Sd 430
Sd 435
Sd 439
Sd 450
Sd 625
Sd 632
Sd 636
Sd 665
Sd 670
Sd 675
Sd 710
Sd 712
Sd 730
Sd 820
Sd 820A
Sd 835
Sd 845
Sd 850
Sd 855
Sd 8Cx
Sda660
Sdm439
Sdm630
Sdm660
Sxr1130
Snapdragon High Med 2016