1. Home
  2. CVE Database
  3. CVE-2019-14117
HIGH · 7.8

CVE-2019-14117

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault except...

Vulnerability Description

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommBitra Firmware-
QualcommBitra-
QualcommMdm9607 Firmware-
QualcommMdm9607-
QualcommQcs405 Firmware-
QualcommQcs405-
QualcommSaipan Firmware-
QualcommSaipan-
QualcommSc8180X Firmware-
QualcommSc8180X-
QualcommSdx55 Firmware-
QualcommSdx55-
QualcommSm6150 Firmware-
QualcommSm6150-
QualcommSm7150 Firmware-
QualcommSm7150-
QualcommSm8150 Firmware-
QualcommSm8150-
QualcommSm8250 Firmware-
QualcommSm8250-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2019-14117?

CVE-2019-14117 is a vulnerability with a CVSS score of 7.8 (HIGH). u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault except...

How severe is CVE-2019-14117?

CVE-2019-14117 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-14117?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Bitra Firmware, Qualcomm Bitra, Qualcomm Mdm9607 Firmware, Qualcomm Mdm9607, Qualcomm Qcs405 Firmware.