CVE-2019-14065

HIGH

HavenSvc - Memory Corruption

Title source: llm

Description

u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

References (2)

[Broken Link] https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Scores

CVSS v3 7.8

EPSS 0.0003

EPSS Percentile 9.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (37)

qualcomm/apq8009_firmware

qualcomm/apq8098_firmware

qualcomm/kamorta_firmware

qualcomm/mdm9150_firmware

qualcomm/mdm9205_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9607_firmware

qualcomm/mdm9650_firmware

qualcomm/msm8905_firmware

qualcomm/msm8909_firmware

qualcomm/msm8998_firmware

qualcomm/nicobar_firmware

qualcomm/qcs404_firmware

qualcomm/qcs405_firmware

qualcomm/qcs605_firmware

... and 22 more

Timeline

Published Sep 08, 2020

Tracked Since Feb 18, 2026