CVE-2019-14075

Published: Apr 16, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Null pointer dereference issue in radio interface layer due to lack of null check in sapmodule destructor in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS605, Rennell, Saipan, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected (22)

Products: Qualcomm: Mdm9607 Firmware, Msm8917 Firmware, Msm8920 Firmware, Msm8937 Firmware, Msm8940 Firmware, Msm8953 Firmware, Msm8998 Firmware, Nicobar Firmware, Qcs605 Firmware, Rennell Firmware, Saipan Firmware, Sdm450 Firmware, Sdm630 Firmware, Sdm636 Firmware, Sdm660 Firmware, Sdm670 Firmware, Sdm710 Firmware, Sm6150 Firmware, Sm7150 Firmware, Sm8150 Firmware, Sm8250 Firmware, Sxr2130 Firmware

Qualcomm

22 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9607 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9607	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8917 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8917	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8920 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8920	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8937 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8937	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8940 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8940	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8953 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8953	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8998 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8998	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Nicobar Firmware	All versions

Running on/with	Platform Versions
Qualcomm Nicobar	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs605 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs605	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Rennell Firmware	All versions

Running on/with	Platform Versions
Qualcomm Rennell	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Saipan Firmware	All versions

Running on/with	Platform Versions
Qualcomm Saipan	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm450 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm450	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm630 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm630	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm636 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm636	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm660 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm660	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm670 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm670	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm710	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm6150 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm6150	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7150 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7150	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8150 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8150	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8250	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr2130 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr2130	All versions

Related CWEs

CWE-476

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.