Vulnerability

CVE-2019-2302

Component: WIFI
Location: OS
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150

Impact

Severity (Manufact.)

N/A

Severity (NIST)

9.8

Severity (Android)

N/A

Chipsets

12

Devices

608

Affected Hardware

NameAlso known asManufacturer
MSM8905
Qualcomm 205
Qualcomm
MSM8909
Snapdragon 210
Qualcomm
SDM636
Snapdragon 636
Qualcomm
MSM8976
Snapdragon 652
Qualcomm
SDM660
Snapdragon 660
Qualcomm
SDM670
Snapdragon 670
Qualcomm
SM6150
Snapdragon 675
Qualcomm
SDM710
Snapdragon 710
Qualcomm
SDM845
Snapdragon 845
Qualcomm
SM8150
Snapdragon 855
Qualcomm
12 of 12 row(s) shown.

Rows per page

Page 1 of 2

Timeline

Introduced (est):
Jan 1, 2014
Reported:
Aug 15, 2018
Advisory Published:
Oct 7, 2019
CVE Published:
Nov 6, 2019
Android Patch Level:
None
For more information and a detailed analysis of the data presented on this website, please see our paper, to be presented at NDSS'25.
Follow us on Twitter
Contact usData privacy policyImprint