CVE-2019-2241

MEDIUM

Snapdragon Auto et al - Info Disclosure

Title source: llm

Description

While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX24, SXR1130

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 14.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Classification

CWE

CWE-755

Status published

Affected Products (31)

qualcomm/mdm9150_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9607_firmware

qualcomm/mdm9650_firmware

qualcomm/mdm9655_firmware

qualcomm/msm8996au_firmware

qualcomm/qcs404_firmware

qualcomm/qcs605_firmware

qualcomm/sd_210_firmware

qualcomm/sd_212_firmware

qualcomm/sd_205_firmware

qualcomm/sd_410_firmware

qualcomm/sd_412_firmware

qualcomm/sd_636_firmware

qualcomm/sd_675_firmware

... and 16 more

Timeline

Published Jul 25, 2019

Tracked Since Feb 18, 2026