CVE-2019-2239

MEDIUM

Qualcomm Snapdragon - Denial of Service

Title source: llm

Description

Sanity checks are missing in layout which can lead to SUI Corruption or can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016, SXR1130

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins

Scores

CVSS v3 5.5

EPSS 0.0004

EPSS Percentile 13.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-129

Status published

Products (50)

qualcomm/mdm9150_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9607_firmware

qualcomm/mdm9635m_firmware

qualcomm/mdm9640_firmware

qualcomm/mdm9650_firmware

qualcomm/mdm9655_firmware

qualcomm/msm8996au_firmware

qualcomm/qcs404_firmware

qualcomm/qcs605_firmware

... and 40 more

Published Jul 25, 2019

Tracked Since Feb 18, 2026