CVE-2019-2304 - Qualcomm Ipq4019 Firmware, Qualcomm Sdm845 Firmware and Qualcomm Qcn7605 Firmware

December 18, 2019

Critical 7.8

Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Affected software

Qualcomm Ipq4019 Firmware

Qualcomm Sdm845 Firmware

Qualcomm Qcn7605 Firmware

Qualcomm Qcs405 Firmware

Qualcomm Sdm660 Firmware

Qualcomm Ipq8074 Firmware

Qualcomm Sm8150 Firmware

Qualcomm Qcs605 Firmware

Qualcomm Sda845 Firmware

Qualcomm Sxr1130 Firmware

Qualcomm Msm8937 Firmware

Qualcomm Sdx55 Firmware

Qualcomm Sm7150 Firmware

Qualcomm Sdx24 Firmware

Qualcomm Msm8920 Firmware

Qualcomm Ipq8064 Firmware

Qualcomm Msm8940 Firmware

Qualcomm Mdm9607 Firmware

Qualcomm Msm8917 Firmware

Qualcomm Sm6150 Firmware

Reference links

https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin

CVE-2019-2304 - Qualcomm Ipq4019 Firmware, Qualcomm Sdm845 Firmware and Qualcomm Qcn7605 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software