← Back

CVE-2019-14036

nvd nist
Published: Jan 21, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

Affected (10)

Qualcomm
10 products
Apq8064 Firmware
Apq8096au Firmware
Ipq4019 Firmware
Ipq8064 Firmware
Ipq8074 Firmware
Mdm9607 Firmware
Mdm9615 Firmware
Mdm9640 Firmware
Msm8996au Firmware
Qcn7605 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8064 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8064
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8096au Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8096au
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq4019 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq4019
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8064 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8064
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8074 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8074
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9607 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9607
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9615 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9615
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9640 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9640
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8996au Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8996au
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcn7605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcn7605
All versions

Related CWEs

CWE-129
Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (2)

Source: product-security@qualcomm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.