← Back

CVE-2019-14085

nvd nist
Published: Mar 5, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

Affected (9)

Qualcomm
9 products
Qcn7605 Firmware
Qcs605 Firmware
Sda845 Firmware
Sdm670 Firmware
Sdm710 Firmware
Sdm845 Firmware
Sdm850 Firmware
Sm8150 Firmware
Sxr1130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcn7605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcn7605
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs605
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sda845 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sda845
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm670 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm670
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm710 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm710
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm845 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm845
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm850 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm850
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr1130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr1130
All versions

Related CWEs

CWE-191
Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

References (2)

Source: product-security@qualcomm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.