CVE-2019-2238

CVE Database · CVE-2019-2238

CVE-2019-2238

· N/AModified

CVSS v3.1

N/A

EPSS

0.19%

Published

Jul 25, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 8CX, SXR1130

Weaknesses (CWE)

CWE-787

Affected Products (34)

qualcomm · mdm9206_firmwarevulnerable

qualcomm · mdm9206

qualcomm · mdm9607_firmwarevulnerable

qualcomm · mdm9607

qualcomm · mdm9650_firmwarevulnerable

qualcomm · mdm9650

qualcomm · mdm9655_firmwarevulnerable

qualcomm · mdm9655

qualcomm · qcs605_firmwarevulnerable

qualcomm · qcs605

qualcomm · sd_210_firmwarevulnerable

· sd_210

References (2)

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs