← Back

CVE-2019-14112

nvd nist
Published: Apr 16, 2020Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Affected (26)

Qualcomm
26 products
Apq8098 Firmware
Ipq6018 Firmware
Ipq8074 Firmware
Msm8998 Firmware
Nicobar Firmware
Qca8081 Firmware
Qcn7605 Firmware
Qcs404 Firmware
Qcs605 Firmware
Rennell Firmware
Sc7180 Firmware
Sc8180x Firmware
Sda660 Firmware
Sda845 Firmware
Sdm630 Firmware
Sdm636 Firmware
Sdm660 Firmware
Sdm670 Firmware
Sdm710 Firmware
Sdm845 Firmware
Sdm850 Firmware
Sm6150 Firmware
Sm7150 Firmware
Sm8150 Firmware
Sxr1130 Firmware
Sxr2130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8098 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8098
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq6018 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq6018
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ipq8074 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Ipq8074
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8998 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8998
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nicobar Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Nicobar
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qca8081 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qca8081
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcn7605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcn7605
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs404 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs404
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs605
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rennell Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Rennell
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sc7180 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sc7180
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sc8180x Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sc8180x
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sda660 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sda660
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sda845 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sda845
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm630 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm630
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm636 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm636
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm660 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm660
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm670 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm670
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm710 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm710
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm845 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm845
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm850 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm850
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm6150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm6150
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm7150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm7150
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr1130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr1130
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr2130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr2130
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: product-security@qualcomm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.