CVE-2019-2319
First published: Mon Nov 04 2019(Updated: )
HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm 9205 Firmware | ||
| Qualcomm 9205 | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm ZZ QCS605 firmware | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm SD845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SD 670 Firmware | ||
| Qualcomm SDM670 Firmware | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm SDA/SDM845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm Snapdragon 850 Firmware | ||
| Qualcomm SD850 | ||
| qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150 firmware | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-2319?
CVE-2019-2319 has a critical severity rating due to potential memory corruption issues affecting various Qualcomm Snapdragon platforms.
How do I fix CVE-2019-2319?
To fix CVE-2019-2319, you should apply the latest firmware updates released by Qualcomm or your device manufacturer.
What systems are affected by CVE-2019-2319?
CVE-2019-2319 affects Snapdragon-based systems including MDM9205, QCS404, QCS605, SDM670, and several others.
Is CVE-2019-2319 remotely exploitable?
Yes, CVE-2019-2319 can be exploited remotely, potentially allowing an attacker to corrupt critical memory structures.
What are the potential impacts of CVE-2019-2319?
The potential impacts of CVE-2019-2319 include system instability, unauthorized access, and privilege escalation on affected devices.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm 9205 firmware
- canonical/qualcomm 9205
- canonical/qualcomm qcs404 firmware
- canonical/qualcomm zz qcs605 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm sd845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sd710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm sda/sdm845 firmware
- canonical/qualcomm snapdragon 850 firmware
- canonical/qualcomm sd850
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130