First published: Thu Jul 25 2019(Updated: )
Pointer dereference while freeing IFE resources due to lack of length check of in port resource. in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm Msm8909w Firmware | ||
Qualcomm Msm8909w | ||
Qualcomm Qcs405 Firmware | ||
Qualcomm Qcs405 | ||
Qualcomm Qcs605 Firmware | ||
Google Android | ||
Qualcomm Sd 425 Firmware | ||
Qualcomm Sd 425 | ||
Google Android | ||
Google Android | ||
Qualcomm Sd 430 Firmware | ||
Google Android | ||
Google Android | ||
Qualcomm Sd 435 | ||
Qualcomm Sd 450 Firmware | ||
Qualcomm Sd 450 | ||
Qualcomm Sd 625 Firmware | ||
Qualcomm Sd 625 | ||
Qualcomm Sd 636 Firmware | ||
Qualcomm Sd 636 | ||
Google Android | ||
Qualcomm Sd 675 | ||
Qualcomm Sd 712 Firmware | ||
Qualcomm Sd 712 | ||
Qualcomm Sd 710 Firmware | ||
Qualcomm Sd 710 | ||
Qualcomm Sd 670 Firmware | ||
Qualcomm Sd 670 | ||
Qualcomm Sd 730 Firmware | ||
Qualcomm Sd 730 | ||
Qualcomm Sd 845 Firmware | ||
Qualcomm Sd 845 | ||
Qualcomm Sd 850 Firmware | ||
Qualcomm Sd 850 | ||
Qualcomm Sd 855 Firmware | ||
Qualcomm Sd 855 | ||
Qualcomm Sdm630 Firmware | ||
Qualcomm Sdm630 | ||
Qualcomm Sdm660 Firmware | ||
Qualcomm Sdm660 | ||
Qualcomm Sdx24 Firmware | ||
Google Android |
https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID CVE-2019-2293 refers to a pointer dereference vulnerability that occurs while freeing IFE resources due to the lack of a length check of in port resource.
Devices including Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 63…
The severity of CVE-2019-2293 is high with a severity value of 7.8.
To fix CVE-2019-2293, it is recommended to apply the necessary patches or updates provided by Qualcomm. It is also important to keep your device's software up to date.
You can find more information about CVE-2019-2293 on the Code Aurora Security Bulletin for July 2019.