Vulnerability CVE-2019-2308: Information

Description

User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote subsystem in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-2308

Published: July 25, 2019

Modified: Aug. 24, 2020

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-std-debug	sisyphus	5.4.107-alt1	6.1.92-alt1	ALT-PU-2021-1537-1	268218	Fixed
kernel-image-std-debug	p11	5.4.107-alt1	6.1.91-alt1	ALT-PU-2021-1537-1	268218	Fixed
kernel-image-std-def	sisyphus	5.4.107-alt1	6.1.92-alt1	ALT-PU-2021-1539-1	268224	Fixed
kernel-image-std-def	p10	5.4.107-alt1	5.10.218-alt1	ALT-PU-2021-1539-1	268224	Fixed
kernel-image-std-def	p9	5.4.107-alt1	5.4.277-alt1	ALT-PU-2021-1554-1	268226	Fixed
kernel-image-std-def	c9f2	5.4.107-alt0.c9f	5.10.214-alt0.c9f.2	ALT-PU-2021-1563-1	268230	Fixed
kernel-image-std-def	p11	5.4.107-alt1	6.1.91-alt1	ALT-PU-2021-1539-1	268224	Fixed
kernel-image-un-def	p9	5.10.25-alt1	5.10.218-alt1	ALT-PU-2021-1555-1	268231	Fixed
kernel-image-un-def	c9f2	5.10.25-alt1	5.10.29-alt2	ALT-PU-2021-1555-1	268231	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin	Patch Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
  
  Configuration 5
  cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
  
  Configuration 6
  cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*
  
  Configuration 7
  cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
  
  Configuration 8
  cpe:2.3:o:qualcomm:qualcomm_215_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:qualcomm_215:-:*:*:*:*:*:*:*
  
  Configuration 9
  cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
  
  Configuration 10
  cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*
  
  Configuration 11
  cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
  
  Configuration 12
  cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*
  
  Configuration 13
  cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*
  
  Configuration 14
  cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*
  
  Configuration 15
  cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
  
  Configuration 16
  cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*
  
  Configuration 17
  cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*
  
  Configuration 18
  cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*
  
  Configuration 19
  cpe:2.3:o:qualcomm:sd_665_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_665:-:*:*:*:*:*:*:*
  
  Configuration 20
  cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*
  
  Configuration 21
  cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*
  
  Configuration 22
  cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*
  
  Configuration 23
  cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*
  
  Configuration 24
  cpe:2.3:o:qualcomm:sd_730_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_730:-:*:*:*:*:*:*:*
  
  Configuration 25
  cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
  
  Configuration 26
  cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
  
  Configuration 27
  cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
  
  Configuration 28
  cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*
  
  Configuration 29
  cpe:2.3:o:qualcomm:sd_855_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sd_855:-:*:*:*:*:*:*:*
  
  Configuration 30
  cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
  
  Configuration 31
  cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
  
  Configuration 32
  cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*
  
  Configuration 33
  cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*
  
  Configuration 34
  cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*
  
  Configuration 35
  cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2019-2308: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Configuration 7

Configuration 8

Configuration 9

Configuration 10

Configuration 11

Configuration 12

Configuration 13

Configuration 14

Configuration 15

Configuration 16

Configuration 17

Configuration 18

Configuration 19

Configuration 20

Configuration 21

Configuration 22

Configuration 23

Configuration 24

Configuration 25

Configuration 26

Configuration 27

Configuration 28

Configuration 29

Configuration 30

Configuration 31

Configuration 32

Configuration 33

Configuration 34

Configuration 35