CVE-2019-2336

CVE Database · CVE-2019-2336

CVE-2019-2336

· MEDIUMModified

CVSS v3.1

5.5

EPSS

0.17%

Published

Nov 21, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-416CWE-787

Affected Products (14)

qualcomm · mdm9205_firmwarevulnerable

qualcomm · mdm9205

qualcomm · qcs404_firmwarevulnerable

qualcomm · qcs404

qualcomm · sdx55_firmwarevulnerable

qualcomm · sdx55

qualcomm · sm6150_firmwarevulnerable

qualcomm · sm6150

qualcomm · sm7150_firmwarevulnerable

qualcomm · sm7150

qualcomm · sm8150_firmwarevulnerable

· sm8150

References (2)

https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs