Vulnerability Description
Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Kamorta Firmware | - |
| Qualcomm | Kamorta | - |
| Qualcomm | Qcs404 Firmware | - |
| Qualcomm | Qcs404 | - |
| Qualcomm | Rennell Firmware | - |
| Qualcomm | Rennell | - |
| Qualcomm | Sc7180 Firmware | - |
| Qualcomm | Sc7180 | - |
| Qualcomm | Sdx55 Firmware | - |
| Qualcomm | Sdx55 | - |
| Qualcomm | Sm6150 Firmware | - |
| Qualcomm | Sm6150 | - |
| Qualcomm | Sm7150 Firmware | - |
| Qualcomm | Sm7150 | - |
| Qualcomm | Sm8250 Firmware | - |
| Qualcomm | Sm8250 | - |
| Qualcomm | Sxr2130 Firmware | - |
| Qualcomm | Sxr2130 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletinBroken Link
- https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletinBroken Link
FAQ
What is CVE-2019-14130?
CVE-2019-14130 is a vulnerability with a CVSS score of 7.8 (HIGH). Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastr...
How severe is CVE-2019-14130?
CVE-2019-14130 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14130?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Kamorta Firmware, Qualcomm Kamorta, Qualcomm Qcs404 Firmware, Qualcomm Qcs404, Qualcomm Rennell Firmware.