1. Home
  2. CVE Database
  3. CVE-2019-2293
HIGH · 7.8

CVE-2019-2293

Pointer dereference while freeing IFE resources due to lack of length check of in port resource. in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Sna...

Vulnerability Description

Pointer dereference while freeing IFE resources due to lack of length check of in port resource. in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommMsm8909W Firmware-
QualcommMsm8909W-
QualcommQcs405 Firmware-
QualcommQcs405-
QualcommQcs605 Firmware-
QualcommQcs605-
QualcommSd 425 Firmware-
QualcommSd 425-
QualcommSd 427 Firmware-
QualcommSd 427-
QualcommSd 430 Firmware-
QualcommSd 430-
QualcommSd 435 Firmware-
QualcommSd 435-
QualcommSd 450 Firmware-
QualcommSd 450-
QualcommSd 625 Firmware-
QualcommSd 625-
QualcommSd 636 Firmware-
QualcommSd 636-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2019-2293?

CVE-2019-2293 is a vulnerability with a CVSS score of 7.8 (HIGH). Pointer dereference while freeing IFE resources due to lack of length check of in port resource. in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Sna...

How severe is CVE-2019-2293?

CVE-2019-2293 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-2293?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Msm8909W Firmware, Qualcomm Msm8909W, Qualcomm Qcs405 Firmware, Qualcomm Qcs405, Qualcomm Qcs605 Firmware.