CVE-2019-2258

Published: 06/11/2019 Updated: 21/07/2021

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Vulnerable Product	Search on Vulmon	Subscribe to Product
qualcomm mdm9150_firmware -
qualcomm mdm9607_firmware -
qualcomm mdm9615_firmware -
qualcomm mdm9625_firmware -
qualcomm mdm9635m_firmware -
qualcomm mdm9640_firmware -
qualcomm mdm9650_firmware -
qualcomm mdm9655_firmware -
qualcomm msm8909w_firmware -
qualcomm msm8996au_firmware -
qualcomm qcs605_firmware -
qualcomm qualcomm_215_firmware -
qualcomm sd_210_firmware -
qualcomm sd_212_firmware -
qualcomm sd_205_firmware -
qualcomm sd_425_firmware -
qualcomm sd_427_firmware -
qualcomm sd_430_firmware -
qualcomm sd_435_firmware -
qualcomm sd_439_firmware -
qualcomm sd_429_firmware -
qualcomm sd_450_firmware -
qualcomm sd_615_firmware -
qualcomm sd_616_firmware -
qualcomm sd_415_firmware -
qualcomm sd_625_firmware -
qualcomm sd_632_firmware -
qualcomm sd_636_firmware -
qualcomm sd_650_firmware -
qualcomm sd_652_firmware -
qualcomm sd_665_firmware -
qualcomm sd_675_firmware -
qualcomm sd_712_firmware -
qualcomm sd_710_firmware -
qualcomm sd_670_firmware -
qualcomm sd_730_firmware -
qualcomm sd_820_firmware -
qualcomm sd_820a_firmware -
qualcomm sd_835_firmware -
qualcomm sd_845_firmware -
qualcomm sd_850_firmware -
qualcomm sd_855_firmware -
qualcomm sd_8cx_firmware -
qualcomm sda660_firmware -
qualcomm sdm439_firmware -
qualcomm sdm630_firmware -
qualcomm sdm660_firmware -
qualcomm sdx20_firmware -
qualcomm snapdragon_high_med_2016_firmware -
qualcomm sxr1130_firmware -

Too bad, so sad, exploit devs: Google patches possibly several million dollars' worth of security flaws in Android

The Register • Shaun Nichols in San Francisco • 05 Sep 2019

Except one – a 'your phone is now my phone' bug reported months ago and still not fixed Fancy buying a compact and bijou cardboard box home in a San Francisco alley? This $2.5m Android bounty will get you nearly there

Google this week emitted the September edition of its monthly Android security updates – and has left at least one known vulnerability unpatched. Also, in case you missed it, the web giant started rolling out Android 10 a few days ago. The September 2019 bundle of security fixes will be pushed out automatically to Google-branded devices, while those with other Android gear will be fed the fixes by their device manufacturer or mobile carrier. Some of the holes can be patched remotely by the ad ...

CVE-2019-2258

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect