Vulnerability Description
Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8098 Firmware | - |
| Qualcomm | Apq8098 | - |
| Qualcomm | Ipq6018 Firmware | - |
| Qualcomm | Ipq6018 | - |
| Qualcomm | Ipq8074 Firmware | - |
| Qualcomm | Ipq8074 | - |
| Qualcomm | Msm8998 Firmware | - |
| Qualcomm | Msm8998 | - |
| Qualcomm | Nicobar Firmware | - |
| Qualcomm | Nicobar | - |
| Qualcomm | Qca8081 Firmware | - |
| Qualcomm | Qca8081 | - |
| Qualcomm | Qcn7605 Firmware | - |
| Qualcomm | Qcn7605 | - |
| Qualcomm | Qcs404 Firmware | - |
| Qualcomm | Qcs404 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Rennell Firmware | - |
| Qualcomm | Rennell | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletinVendor Advisory
FAQ
What is CVE-2019-14027?
CVE-2019-14027 is a vulnerability with a CVSS score of 7.8 (HIGH). Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Co...
How severe is CVE-2019-14027?
CVE-2019-14027 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14027?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8098 Firmware, Qualcomm Apq8098, Qualcomm Ipq6018 Firmware, Qualcomm Ipq6018, Qualcomm Ipq8074 Firmware.