CVE-2019-2255 - An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code

CVE-2019-2255

Summary

An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

References

https://www.qualcomm.com/company/product-security/bulletins

Vulnerable Configurations

cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_730_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_730_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_730:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_730:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_855:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_855:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm

https://www.qualcomm.com/company/product-security/bulletins

Last major update

24-08-2020 - 17:37

Published

14-06-2019 - 17:29

Last modified

24-08-2020 - 17:37