What is CVE-2019-2244?

CVE-2019-2244 is a critical-severity vulnerability in Qualcomm Mdm9206, classified under Integer Underflow. CVSS score: 9.8/10. Published 2019-05-24.

How severe is CVE-2019-2244?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Integer overflow in Qualcomm Mdm9206

CVE-2019-2244

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C…

EPSS: 0.010 (57.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Qualcomm Mdm9206
Qualcomm Mdm9206_firmware
Qualcomm Mdm9607
Qualcomm Mdm9607_firmware
Qualcomm Mdm9650
Qualcomm Mdm9650_firmware
Qualcomm Msm8909w
Qualcomm Msm8909w_firmware
Qualcomm Msm8996au
Qualcomm Msm8996au_firmware

Weakness classification (CWE)

CWE-191 — Integer Underflow

References

product-security@qualcomm.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2019-2244?: CVE-2019-2244 is a critical-severity vulnerability in Qualcomm Mdm9206, classified under Integer Underflow. CVSS score: 9.8/10. Published 2019-05-24.
How severe is CVE-2019-2244?: Critical severity. CVSS v3 base score is 9.8 out of 10.