← Back

CVE-2019-14111

nvd nist
Published: Apr 16, 2020Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Possible buffer overflow while handling NAN reception of NMF in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, Rennell, SC7180, SC8180X, SM6150, SM7150, SM8150, SXR2130

Affected (15)

Qualcomm
15 products
Ipq6018 Firmware
Ipq8074 Firmware
Nicobar Firmware
Qca6390 Firmware
Qca8081 Firmware
Qcn7605 Firmware
Qcs404 Firmware
Qcs405 Firmware
Rennell Firmware
Sc7180 Firmware
Sc8180x Firmware
Sm6150 Firmware
Sm7150 Firmware
Sm8150 Firmware
Sxr2130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq6018 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq6018
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8074 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8074
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nicobar Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Nicobar
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca6390 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca6390
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca8081 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca8081
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcn7605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcn7605
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs404 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs404
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs405 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs405
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rennell Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Rennell
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sc7180 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sc7180
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sc8180x Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sc8180x
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm6150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm6150
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm7150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm7150
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr2130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr2130
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: product-security@qualcomm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.