CVE-2019-2345

Published Jul 25, 2019
Last updated 5 years ago
CVSS high 7.0
Overview

Description: Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM660, SDX20, SDX24
Source: product-security@qualcomm.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 7
Impact score: 5.9
Exploitability score: 1
Vector string: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 4.4
Impact score: 6.4
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-362
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE28A59C-7AA6-4B85-84E8-07852B96108E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5DEE828B-09A7-4AC1-8134-491A7C87C118"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C56BC939-2FE8-4AB4-B638-35C83B224005"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E36C12E2-7064-41E6-B357-3F0E6E6D0A0F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8175FC2D-8B9C-4461-BEAE-E9C688E8A63B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "92CD09CE-75CC-418F-AB16-4685141BDE36"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE5C66CC-B00C-4581-B8FB-0632232E480D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "87F57247-08CD-473E-A517-F9E85BFC7BEA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55604764-FC96-451C-BB9B-9AD72EF5D245"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "71CEDACD-D22B-4CCD-93DA-B79CB74BDA22"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E07C621F-0BC0-40C1-9678-1AF6498AC487"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C621A62-E346-406B-9D20-8FF6C2B0851F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06E0CC35-AC20-42D7-8FEA-CA4685E33E72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4A2C4DED-2367-4736-A0AF-C8356F1271AD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE94E380-CB75-462E-B411-BF38F17D53B2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0947F38F-3DC2-45F1-B3B3-963922F32054"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BFF8872-645F-4A05-BAF9-7797CFBE37C6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9CB91AFF-C149-4F5C-92EC-E78E66935528"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B529780-DB0A-4F9C-AE63-6DEC593B86E5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "669E7360-E8C3-4BB8-A3B6-61BD58AFAF62"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D49606C5-7306-4F33-864C-C1905594F09C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B43964AF-7CEC-420A-935B-D3895B2BAC70"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E077FC03-F86F-417A-A3E6-BC88CB85C6F0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E016356C-94ED-4CDD-8351-97D265FE036E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E08016A2-E4FE-4E9C-A915-C66BE157AFB5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "018452D0-007C-4740-B2AF-E5C8BBAC310F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F930E9BF-C502-49C6-8BE8-9A711B89FA1B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DE18BF66-B0DB-48BB-B43A-56F01821F5A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C10C7CB-3B66-4F17-8146-6A85611E2BA9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B9DA765F-53DE-4FB0-B825-6C11B3177641"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2326BD7-28A5-4244-8501-B109913E7AE6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "532D244B-8B5A-4923-B7F1-9DC0A5FC0E9D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24D7B67C-6FEC-48F8-9D46-778E4528BC20"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "05006807-D961-446C-B8DC-C87507F1316E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0CE1B23-6FE3-41C4-B264-C7A9E8BDBEC1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "794BA13C-3C63-4695-AA45-676F85D904BE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9BE864E-7B1E-44D5-A10A-60078095DE33"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "96DD6B48-2554-464D-A061-DBB4B8E00758"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
