← Back

CVE-2019-14117

nvd nist
Published: Sep 8, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected (11)

Qualcomm
11 products
Bitra Firmware
Mdm9607 Firmware
Qcs405 Firmware
Saipan Firmware
Sc8180x Firmware
Sdx55 Firmware
Sm6150 Firmware
Sm7150 Firmware
Sm8150 Firmware
Sm8250 Firmware
Sxr2130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Bitra Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Bitra
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9607 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9607
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs405 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs405
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Saipan Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Saipan
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sc8180x Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sc8180x
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx55 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx55
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm6150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm6150
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm7150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm7150
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8250 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8250
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr2130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr2130
All versions

Related CWEs

CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (3)

Source: product-security@qualcomm.com
Broken Link
Source: nvd@nist.gov
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.