Vulnerability Description
Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, Rennell, SC7180, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Msm8905 Firmware | - |
| Qualcomm | Msm8905 | - |
| Qualcomm | Msm8909 Firmware | - |
| Qualcomm | Msm8909 | - |
| Qualcomm | Msm8917 Firmware | - |
| Qualcomm | Msm8917 | - |
| Qualcomm | Msm8920 Firmware | - |
| Qualcomm | Msm8920 | - |
| Qualcomm | Msm8937 Firmware | - |
| Qualcomm | Msm8937 | - |
| Qualcomm | Msm8940 Firmware | - |
| Qualcomm | Msm8940 | - |
| Qualcomm | Msm8953 Firmware | - |
| Qualcomm | Msm8953 | - |
| Qualcomm | Nicobar Firmware | - |
| Qualcomm | Nicobar | - |
| Qualcomm | Qcm2150 Firmware | - |
| Qualcomm | Qcm2150 | - |
| Qualcomm | Qm215 Firmware | - |
| Qualcomm | Qm215 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinVendor Advisory
FAQ
What is CVE-2019-14012?
CVE-2019-14012 is a vulnerability with a CVSS score of 7.5 (HIGH). Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP messages in Snapdragon Auto, Snapdragon Compute, Snapdragon ...
How severe is CVE-2019-14012?
CVE-2019-14012 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14012?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Msm8905 Firmware, Qualcomm Msm8905, Qualcomm Msm8909 Firmware, Qualcomm Msm8909, Qualcomm Msm8917 Firmware.