CVE-2019-2297 - Qualcomm Ipq4019 Firmware, Qualcomm Mdm9607 Firmware and Qualcomm Sda660 Firmware

November 21, 2019

Critical 7.8

Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150

Affected software

Qualcomm Ipq4019 Firmware

Qualcomm Mdm9607 Firmware

Qualcomm Sda660 Firmware

Qualcomm Apq8096au Firmware

Qualcomm Sdm660 Firmware

Qualcomm Apq8053 Firmware

Qualcomm Sdx24 Firmware

Qualcomm Mdm9207c Firmware

Qualcomm Ipq8064 Firmware

Qualcomm Ipq8074 Firmware

Qualcomm Sdx20 Firmware

Qualcomm Mdm9206 Firmware

Qualcomm Mdm9640 Firmware

Qualcomm Qca9377 Firmware

Qualcomm Sda845 Firmware

Qualcomm Qcs405 Firmware

Qualcomm Apq8009 Firmware

Qualcomm Sdm636 Firmware

Qualcomm Sdm845 Firmware

Qualcomm Sm8150 Firmware

Qualcomm Apq8017 Firmware

Qualcomm Msm8905 Firmware

Qualcomm Qcs605 Firmware

Qualcomm Msm8996au Firmware

Qualcomm Apq8064 Firmware

Qualcomm Mdm9650 Firmware

Qualcomm Qca9379 Firmware

Qualcomm Qca6574au Firmware

Qualcomm Qca6174a Firmware

Qualcomm Qcn7605 Firmware

Reference links

https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

CVE-2019-2297 - Qualcomm Ipq4019 Firmware, Qualcomm Mdm9607 Firmware and Qualcomm Sda660 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software