How severe is CVE-2019-2312?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2019-2312?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2019-2312

HIGH Year: 2019

CVSS v3 Score

7.8

High

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-119

View all →

Vulnerability Description

When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, MDM9640, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24

CVE-2007-6761

HIGH

CVSS:7.8(High)

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf...

CWE-1192007

CVE-2009-0658

HIGH

CVSS:7.8(High)

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call an...

CWE-1192009

CVE-2009-4004

HIGH

CVSS:7.8(High)

Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc7 allows local users to cause a denial of service (memory co...

CWE-1192009

CVE-2010-0036

HIGH

CVSS:7.8(High)

Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.

CWE-1192010

CVE-2010-1816

HIGH

CVSS:7.8(High)

Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a cr...

CWE-1192010

CVE-2010-3081

HIGH

CVSS:7.8(High)

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit...

CWE-1192010

CVE-2019-2312

Vulnerability Description

Related Vulnerabilities

CVE-2007-6761

CVE-2009-0658

CVE-2009-4004

CVE-2010-0036

CVE-2010-1816

CVE-2010-3081