Vulnerability Details CVE-2019-2305
Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-2305
-
cpe:2.3:h:qualcomm:mdm9150:-
-
cpe:2.3:h:qualcomm:mdm9206:-
-
cpe:2.3:h:qualcomm:mdm9607:-
-
cpe:2.3:h:qualcomm:mdm9640:-
-
cpe:2.3:h:qualcomm:mdm9650:-
-
cpe:2.3:h:qualcomm:msm8996au:-
-
cpe:2.3:h:qualcomm:qca6174a:-
-
cpe:2.3:h:qualcomm:qca6574au:-
-
cpe:2.3:h:qualcomm:qca9377:-
-
cpe:2.3:h:qualcomm:qca9379:-
-
cpe:2.3:h:qualcomm:qcs405:-
-
cpe:2.3:h:qualcomm:qcs605:-
-
cpe:2.3:h:qualcomm:sd_425:-
-
cpe:2.3:h:qualcomm:sd_427:-
-
cpe:2.3:h:qualcomm:sd_430:-
-
cpe:2.3:h:qualcomm:sd_435:-
-
cpe:2.3:h:qualcomm:sd_450:-
-
cpe:2.3:h:qualcomm:sd_625:-
-
cpe:2.3:h:qualcomm:sd_636:-
-
cpe:2.3:h:qualcomm:sd_665:-
-
cpe:2.3:h:qualcomm:sd_670:-
-
cpe:2.3:h:qualcomm:sd_675:-
-
cpe:2.3:h:qualcomm:sd_710:-
-
cpe:2.3:h:qualcomm:sd_712:-
-
cpe:2.3:h:qualcomm:sd_730:-
-
cpe:2.3:h:qualcomm:sd_820:-
-
cpe:2.3:h:qualcomm:sd_820a:-
-
cpe:2.3:h:qualcomm:sd_835:-
-
cpe:2.3:h:qualcomm:sd_845:-
-
cpe:2.3:h:qualcomm:sd_850:-
-
cpe:2.3:h:qualcomm:sd_855:-
-
cpe:2.3:h:qualcomm:sda660:-
-
cpe:2.3:h:qualcomm:sdm630:-
-
cpe:2.3:h:qualcomm:sdm660:-
-
cpe:2.3:h:qualcomm:sdx20:-
-
cpe:2.3:h:qualcomm:sdx24:-
-
cpe:2.3:o:qualcomm:mdm9150_firmware:-
-
cpe:2.3:o:qualcomm:mdm9206_firmware:-
-
cpe:2.3:o:qualcomm:mdm9607_firmware:-
-
cpe:2.3:o:qualcomm:mdm9640_firmware:-
-
cpe:2.3:o:qualcomm:mdm9650_firmware:-
-
cpe:2.3:o:qualcomm:msm8996au_firmware:-
-
cpe:2.3:o:qualcomm:qca6174a_firmware:-
-
cpe:2.3:o:qualcomm:qca6574au_firmware:-
-
cpe:2.3:o:qualcomm:qca9377_firmware:-
-
cpe:2.3:o:qualcomm:qca9379_firmware:-
-
cpe:2.3:o:qualcomm:qcs405_firmware:-
-
cpe:2.3:o:qualcomm:qcs605_firmware:-
-
cpe:2.3:o:qualcomm:sd_425_firmware:-
-
cpe:2.3:o:qualcomm:sd_427_firmware:-
-
cpe:2.3:o:qualcomm:sd_430_firmware:-
-
cpe:2.3:o:qualcomm:sd_435_firmware:-
-
cpe:2.3:o:qualcomm:sd_450_firmware:-
-
cpe:2.3:o:qualcomm:sd_625_firmware:-
-
cpe:2.3:o:qualcomm:sd_636_firmware:-
-
cpe:2.3:o:qualcomm:sd_665_firmware:-
-
cpe:2.3:o:qualcomm:sd_670_firmware:-
-
cpe:2.3:o:qualcomm:sd_675_firmware:-
-
cpe:2.3:o:qualcomm:sd_710_firmware:-
-
cpe:2.3:o:qualcomm:sd_712_firmware:-
-
cpe:2.3:o:qualcomm:sd_730_firmware:-
-
cpe:2.3:o:qualcomm:sd_820_firmware:-
-
cpe:2.3:o:qualcomm:sd_820a_firmware:-
-
cpe:2.3:o:qualcomm:sd_835_firmware:-
-
cpe:2.3:o:qualcomm:sd_845_firmware:-
-
cpe:2.3:o:qualcomm:sd_850_firmware:-
-
cpe:2.3:o:qualcomm:sd_855_firmware:-
-
cpe:2.3:o:qualcomm:sda660_firmware:-
-
cpe:2.3:o:qualcomm:sdm630_firmware:-
-
cpe:2.3:o:qualcomm:sdm660_firmware:-
-
cpe:2.3:o:qualcomm:sdx20_firmware:-
-
cpe:2.3:o:qualcomm:sdx24_firmware:-