Vulnerability Description
Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ipq4019 Firmware | - |
| Qualcomm | Ipq4019 | - |
| Qualcomm | Ipq8064 Firmware | - |
| Qualcomm | Ipq8064 | - |
| Qualcomm | Ipq8074 Firmware | - |
| Qualcomm | Ipq8074 | - |
| Qualcomm | Mdm9607 Firmware | - |
| Qualcomm | Mdm9607 | - |
| Qualcomm | Msm8917 Firmware | - |
| Qualcomm | Msm8917 | - |
| Qualcomm | Msm8920 Firmware | - |
| Qualcomm | Msm8920 | - |
| Qualcomm | Msm8937 Firmware | - |
| Qualcomm | Msm8937 | - |
| Qualcomm | Msm8940 Firmware | - |
| Qualcomm | Msm8940 | - |
| Qualcomm | Qcn7605 Firmware | - |
| Qualcomm | Qcn7605 | - |
| Qualcomm | Qcs405 Firmware | - |
| Qualcomm | Qcs405 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletPatchVendor Advisory
FAQ
What is CVE-2019-2304?
CVE-2019-2304 is a vulnerability with a CVSS score of 7.8 (HIGH). Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snap...
How severe is CVE-2019-2304?
CVE-2019-2304 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-2304?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ipq4019 Firmware, Qualcomm Ipq4019, Qualcomm Ipq8064 Firmware, Qualcomm Ipq8064, Qualcomm Ipq8074 Firmware.