Vulnerability CVE-2019-2326


Published: 2019-07-25

Description:
A data token received from the ADSP is used without validation as an index into the array, which leads to out-of-bounds access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Type: CWE-129 (Improper Validation of Array Index)

Vendor: Qualcomm
Product: Msm8909w firmware 
Product: Sdm630 firmware 
Product: Mdm9150 firmware 
Product: Sd 845 firmware 
Product: Sd 712 firmware 
Product: Sd 636 firmware 
Product: Sd 435 firmware 
Product: Sd 212 firmware 
Product: Qcs405 firmware 
Product: Sdx20 firmware 
Product: Mdm9607 firmware 
Product: Sd 855 firmware 
Product: Sd 820 firmware 
Product: Sd 670 firmware 
Product: Sd 450 firmware 
Product: Sd 427 firmware 
Product: Qualcomm 215 firmware 
Product: Mdm9650 firmware 
Product: Sdm439 firmware 
Product: Sd 835 firmware 
Product: Sd 710 firmware 
Product: Sd 632 firmware 
Product: Sd 430 firmware 
Product: Sd 210 firmware 
Product: Msm8996au firmware 
Product: Sdm660 firmware 
Product: Mdm9206 firmware 
Product: Sd 850 firmware 
Product: Sd 730 firmware 
Product: Sd 665 firmware 
Product: Sd 439 firmware 
Product: Sd 425 firmware 
Product: Qcs605 firmware 
Product: Sdx24 firmware 
Product: Mdm9640 firmware 
Product: Sda660 firmware 
Product: Sd 820a firmware 
Product: Sd 675 firmware 
Product: Sd 625 firmware 
Product: Sd 429 firmware 
Product: Sd 205 firmware 

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10

Exploit range: Local
Attack complexity: Low
Authentication: Not required

Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

References:
https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin

Related CVE
CVE-2019-2346
Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...
CVE-2019-2345
Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, ...
CVE-2019-2343
Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon ...
CVE-2019-2334
Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...
CVE-2019-2330
Improper input validation in allocation request for secure allocations can lead to page fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearabl...
CVE-2019-2328
Possible buffer overflow when number of channels passed is more than size of channel mapping array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2019-2327
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...
CVE-2019-2322
Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Musi...

Copyright 2019, cxsecurity.com

 
