1. Home
  2. CVE Database
  3. CVE-2019-2339
HIGH · 7.8

CVE-2019-2339

Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr...

Vulnerability Description

Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommMdm9205 Firmware-
QualcommMdm9205-
QualcommQcs404 Firmware-
QualcommQcs404-
QualcommQcs605 Firmware-
QualcommQcs605-
QualcommSda845 Firmware-
QualcommSda845-
QualcommSdm670 Firmware-
QualcommSdm670-
QualcommSdm710 Firmware-
QualcommSdm710-
QualcommSdm845 Firmware-
QualcommSdm845-
QualcommSdm850 Firmware-
QualcommSdm850-
QualcommSdx24 Firmware-
QualcommSdx24-
QualcommSdx55 Firmware-
QualcommSdx55-

Related Weaknesses (CWE)

CWE-129

References

FAQ

What is CVE-2019-2339?

CVE-2019-2339 is a vulnerability with a CVSS score of 7.8 (HIGH). Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr...

How severe is CVE-2019-2339?

CVE-2019-2339 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-2339?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9205 Firmware, Qualcomm Mdm9205, Qualcomm Qcs404 Firmware, Qualcomm Qcs404, Qualcomm Qcs605 Firmware.