CVE-2019-2294

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Published : 2019-09-30 16:15 Updated : 2019-10-03 14:56

10.0
CVSS Score More info
Score 10.0 / 10
10.0
Vendor Product Version URI
Qualcomm Mdm9205 Firmware - cpe:/o:qualcomm:mdm9205_firmware:-
Qualcomm Mdm9206 Firmware - cpe:/o:qualcomm:mdm9206_firmware:-
Qualcomm Mdm9607 Firmware - cpe:/o:qualcomm:mdm9607_firmware:-
Qualcomm Mdm9615 Firmware - cpe:/o:qualcomm:mdm9615_firmware:-
Qualcomm Mdm9625 Firmware - cpe:/o:qualcomm:mdm9625_firmware:-
Qualcomm Mdm9635m Firmware - cpe:/o:qualcomm:mdm9635m_firmware:-
Qualcomm Mdm9655 Firmware - cpe:/o:qualcomm:mdm9655_firmware:-
Qualcomm Msm8909w Firmware - cpe:/o:qualcomm:msm8909w_firmware:-
Qualcomm Msm8996au Firmware - cpe:/o:qualcomm:msm8996au_firmware:-
Qualcomm Qcs605 Firmware - cpe:/o:qualcomm:qcs605_firmware:-
Qualcomm Qualcomm 215 Firmware - cpe:/o:qualcomm:qualcomm_215_firmware:-
Qualcomm Sd 205 Firmware - cpe:/o:qualcomm:sd_205_firmware:-
Qualcomm Sd 210 Firmware - cpe:/o:qualcomm:sd_210_firmware:-
Qualcomm Sd 212 Firmware - cpe:/o:qualcomm:sd_212_firmware:-
Qualcomm Sd 410 Firmware - cpe:/o:qualcomm:sd_410_firmware:-
Qualcomm Sd 412 Firmware - cpe:/o:qualcomm:sd_412_firmware:-
Qualcomm Sd 425 Firmware - cpe:/o:qualcomm:sd_425_firmware:-
Qualcomm Sd 427 Firmware - cpe:/o:qualcomm:sd_427_firmware:-
Qualcomm Sd 429 Firmware - cpe:/o:qualcomm:sd_429_firmware:-
Qualcomm Sd 430 Firmware - cpe:/o:qualcomm:sd_430_firmware:-
Qualcomm Sd 435 Firmware - cpe:/o:qualcomm:sd_435_firmware:-
Qualcomm Sd 439 Firmware - cpe:/o:qualcomm:sd_439_firmware:-
Qualcomm Sd 450 Firmware - cpe:/o:qualcomm:sd_450_firmware:-
Qualcomm Sd 625 Firmware - cpe:/o:qualcomm:sd_625_firmware:-
Qualcomm Sd 632 Firmware - cpe:/o:qualcomm:sd_632_firmware:-
Qualcomm Sd 636 Firmware - cpe:/o:qualcomm:sd_636_firmware:-
Qualcomm Sd 650 Firmware - cpe:/o:qualcomm:sd_650_firmware:-
Qualcomm Sd 652 Firmware - cpe:/o:qualcomm:sd_652_firmware:-
Qualcomm Sd 665 Firmware - cpe:/o:qualcomm:sd_665_firmware:-
Qualcomm Sd 670 Firmware - cpe:/o:qualcomm:sd_670_firmware:-
Qualcomm Sd 675 Firmware - cpe:/o:qualcomm:sd_675_firmware:-
Qualcomm Sd 710 Firmware - cpe:/o:qualcomm:sd_710_firmware:-
Qualcomm Sd 712 Firmware - cpe:/o:qualcomm:sd_712_firmware:-
Qualcomm Sd 730 Firmware - cpe:/o:qualcomm:sd_730_firmware:-
Qualcomm Sd 820 Firmware - cpe:/o:qualcomm:sd_820_firmware:-
Qualcomm Sd 820a Firmware - cpe:/o:qualcomm:sd_820a_firmware:-
Qualcomm Sd 835 Firmware - cpe:/o:qualcomm:sd_835_firmware:-
Qualcomm Sd 845 Firmware - cpe:/o:qualcomm:sd_845_firmware:-
Qualcomm Sd 850 Firmware - cpe:/o:qualcomm:sd_850_firmware:-
Qualcomm Sd 855 Firmware - cpe:/o:qualcomm:sd_855_firmware:-
Qualcomm Sd 8cx Firmware - cpe:/o:qualcomm:sd_8cx_firmware:-
Qualcomm Sda660 Firmware - cpe:/o:qualcomm:sda660_firmware:-
Qualcomm Sdm439 Firmware - cpe:/o:qualcomm:sdm439_firmware:-
Qualcomm Sdm630 Firmware - cpe:/o:qualcomm:sdm630_firmware:-
Qualcomm Sdm660 Firmware - cpe:/o:qualcomm:sdm660_firmware:-
Qualcomm Snapdragon High Med 2016 Firmware - cpe:/o:qualcomm:snapdragon_high_med_2016_firmware:-
Qualcomm Sxr1130 Firmware - cpe:/o:qualcomm:sxr1130_firmware:-
  1. Qualcomm (47) Search CVE
    1. Mdm9615 Firmware (1) Search CVE
      1. -
    2. Sd 212 Firmware (1) Search CVE
      1. -
    3. Mdm9625 Firmware (1) Search CVE
      1. -
    4. Sd 412 Firmware (1) Search CVE
      1. -
    5. Sd 8cx Firmware (1) Search CVE
      1. -
    6. Mdm9206 Firmware (1) Search CVE
      1. -
    7. Qualcomm 215 Firmware (1) Search CVE
      1. -
    8. Mdm9635m Firmware (1) Search CVE
      1. -
    9. Sd 410 Firmware (1) Search CVE
      1. -
    10. Sd 205 Firmware (1) Search CVE
      1. -
    11. Snapdragon High Med 2016 Firmware (1) Search CVE
      1. -
    12. Sd 636 Firmware (1) Search CVE
      1. -
    13. Sd 845 Firmware (1) Search CVE
      1. -
    14. Sdm660 Firmware (1) Search CVE
      1. -
    15. Mdm9607 Firmware (1) Search CVE
      1. -
    16. Sdm630 Firmware (1) Search CVE
      1. -
    17. Msm8909w Firmware (1) Search CVE
      1. -
    18. Mdm9655 Firmware (1) Search CVE
      1. -
    19. Sd 430 Firmware (1) Search CVE
      1. -
    20. Sd 712 Firmware (1) Search CVE
      1. -
    21. Sd 427 Firmware (1) Search CVE
      1. -
    22. Sd 850 Firmware (1) Search CVE
      1. -
    23. Sda660 Firmware (1) Search CVE
      1. -
    24. Sd 675 Firmware (1) Search CVE
      1. -
    25. Sd 670 Firmware (1) Search CVE
      1. -
    26. Sd 439 Firmware (1) Search CVE
      1. -
    27. Sd 435 Firmware (1) Search CVE
      1. -
    28. Sd 650 Firmware (1) Search CVE
      1. -
    29. Qcs605 Firmware (1) Search CVE
      1. -
    30. Sd 835 Firmware (1) Search CVE
      1. -
    31. Sd 429 Firmware (1) Search CVE
      1. -
    32. Sd 820 Firmware (1) Search CVE
      1. -
    33. Sd 632 Firmware (1) Search CVE
      1. -
    34. Sd 855 Firmware (1) Search CVE
      1. -
    35. Sd 425 Firmware (1) Search CVE
      1. -
    36. Mdm9205 Firmware (1) Search CVE
      1. -
    37. Sd 210 Firmware (1) Search CVE
      1. -
    38. Msm8996au Firmware (1) Search CVE
      1. -
    39. Sd 652 Firmware (1) Search CVE
      1. -
    40. Sd 710 Firmware (1) Search CVE
      1. -
    41. Sxr1130 Firmware (1) Search CVE
      1. -
    42. Sd 625 Firmware (1) Search CVE
      1. -
    43. Sdm439 Firmware (1) Search CVE
      1. -
    44. Sd 450 Firmware (1) Search CVE
      1. -
    45. Sd 820a Firmware (1) Search CVE
      1. -
    46. Sd 730 Firmware (1) Search CVE
      1. -
    47. Sd 665 Firmware (1) Search CVE
      1. -

CWE

ID Name Description Links
CWE-330 Use of Insufficiently Random Values The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. CVE

History of changes

Date Event
2019-10-03 14:56
2019-09-30 16:15

New CVE