#VU19362 Out-of-bounds read in Qualcomm Hardware solutions


Published: 2019-07-25

Vulnerability identifier: #VU19362

Vulnerability risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2019-2277

CWE-ID: CWE-125

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
SDX24
Hardware solutions / Firmware
SDM660
Hardware solutions / Firmware
SDM630
Hardware solutions / Firmware
SDA660
Hardware solutions / Firmware
SD855
Hardware solutions / Firmware
SD850
Hardware solutions / Firmware
SD845
Hardware solutions / Firmware
SD835
Hardware solutions / Firmware
SD820A
Hardware solutions / Firmware
SD730
Hardware solutions / Firmware
SD710
Hardware solutions / Firmware
SD712
Hardware solutions / Firmware
SD670
Hardware solutions / Firmware
SD675
Hardware solutions / Firmware
SD665
Hardware solutions / Firmware
SD636
Hardware solutions / Firmware
SD625
Hardware solutions / Firmware
SD450
Hardware solutions / Firmware
SD435
Hardware solutions / Firmware
SD430
Hardware solutions / Firmware
SD427
Hardware solutions / Firmware
SD425
Hardware solutions / Firmware
SD205
Hardware solutions / Firmware
SD212
Hardware solutions / Firmware
SD210
Hardware solutions / Firmware
QCS605
Hardware solutions / Firmware
QCS405
Hardware solutions / Firmware
MSM8996AU
Hardware solutions / Firmware

Vendor: Qualcomm

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to lack of NULL termination on user controlled data in WLAN. A local authenticated attacker can trigger out-of-bounds read error and disclose information, disrupt service and modificate the target applications.

The vulnerability exists in: Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

SDX24: All versions

SDM660: All versions

SDM630: All versions

SDA660: All versions

SD855: All versions

SD850: All versions

SD845: All versions

SD835: All versions

SD820A: All versions

SD730: All versions

SD710: All versions

SD712: All versions

SD670: All versions

SD675: All versions

SD665: All versions

SD636: All versions

SD625: All versions

SD450: All versions

SD435: All versions

SD430: All versions

SD427: All versions

SD425: All versions

SD205: All versions

SD212: All versions

SD210: All versions

QCS605: All versions

QCS405: All versions

MSM8996AU: All versions

External links
http://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin
http://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=477...

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Out-of-bounds read in Qualcomm SDX24