CVE-2019-14086
CRITICALSnapdragon Auto Snapdragon Compute Snapdragon Consumer Electronics ...
Title source: llmDescription
Possible integer overflow while checking the length of frame which is a 32 bit integer and is added to another 32 bit integer which can lead to unexpected result during the check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MDM9607, MSM8998, QCA6584, QCN7605, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin
Scores
CVSS v3
9.8
EPSS
0.0033
EPSS Percentile
56.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (18)
qualcomm/apq8098_firmware
qualcomm/mdm9607_firmware
qualcomm/msm8998_firmware
qualcomm/qca6584_firmware
qualcomm/qcn7605_firmware
qualcomm/qcs605_firmware
qualcomm/sda660_firmware
qualcomm/sdm630_firmware
qualcomm/sdm636_firmware
qualcomm/sdm660_firmware
... and 8 more
Published
Mar 05, 2020
Tracked Since
Feb 18, 2026