Vulnerability CVE-2019-2333


Published: 2019-09-30

Description:
Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Type:

CWE-120

(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))

Vendor: Qualcomm
Product: Qcs605 firmware 
Product: Sdx24 firmware 
Product: Mdm9150 firmware 
Product: Sda660 firmware 
Product: Sd 820a firmware 
Product: Sd 675 firmware 
Product: Sd 625 firmware 
Product: Sd 429 firmware 
Product: Sd 205 firmware 
Product: Mdm9650 firmware 
Product: Sdm630 firmware 
Product: Sd 845 firmware 
Product: Sd 712 firmware 
Product: Sd 636 firmware 
Product: Sd 435 firmware 
Product: Sd 212 firmware 
Product: Msm8996au firmware 
Product: Sdx20 firmware 
Product: Sd 855 firmware 
Product: Sd 820 firmware 
Product: Sd 670 firmware 
Product: Sd 450 firmware 
Product: Sd 427 firmware 
Product: Qualcomm 215 firmware 
Product: Mdm9607 firmware 
Product: Sdm439 firmware 
Product: Sd 835 firmware 
Product: Sd 710 firmware 
Product: Sd 632 firmware 
Product: Sd 430 firmware 
Product: Sd 210 firmware 
Product: Msm8909w firmware 
Product: Sdm660 firmware 
Product: Sd 850 firmware 
Product: Sd 730 firmware 
Product: Sd 665 firmware 
Product: Sd 439 firmware 
Product: Sd 425 firmware 

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin

Related CVE
CVE-2019-10627
Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2...
CVE-2019-2341
Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdra...
CVE-2019-2294
Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, S...
CVE-2019-2284
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QC...
CVE-2019-2252
Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mo...
CVE-2019-10540
Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Sn...
CVE-2019-10539
Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr...
CVE-2019-10538
Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr...

Copyright 2019, cxsecurity.com

 

Back to Top