Vulnerability Description
Error occurs While extracting the ipv6_header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8096AU, MDM9205, MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8096Au Firmware | - |
| Qualcomm | Apq8096Au | - |
| Qualcomm | Mdm9205 Firmware | - |
| Qualcomm | Mdm9205 | - |
| Qualcomm | Mdm9206 Firmware | - |
| Qualcomm | Mdm9206 | - |
| Qualcomm | Mdm9607 Firmware | - |
| Qualcomm | Mdm9607 | - |
| Qualcomm | Mdm9640 Firmware | - |
| Qualcomm | Mdm9640 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Msm8905 Firmware | - |
| Qualcomm | Msm8905 | - |
| Qualcomm | Msm8909 Firmware | - |
| Qualcomm | Msm8909 | - |
| Qualcomm | Msm8917 Firmware | - |
| Qualcomm | Msm8917 | - |
| Qualcomm | Msm8920 Firmware | - |
| Qualcomm | Msm8920 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinVendor Advisory
FAQ
What is CVE-2019-14022?
CVE-2019-14022 is a vulnerability with a CVSS score of 7.5 (HIGH). Error occurs While extracting the ipv6_header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...
How severe is CVE-2019-14022?
CVE-2019-14022 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14022?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8096Au Firmware, Qualcomm Apq8096Au, Qualcomm Mdm9205 Firmware, Qualcomm Mdm9205, Qualcomm Mdm9206 Firmware.