Vulnerabilities > CVE-2019-14087 - Use After Free vulnerability in Qualcomm Msm8909W Firmware and Qcs605 Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-416

NVD

Published: 2020-06-02

Updated: 2020-06-03

Summary

Failure in buffer management while accessing handle for HDR blit when color modes not supported by display in Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, QCS605

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Msm8909W Firmware - Qualcomm Qcs605 Firmware -	2
Hardware	Qualcomm Qualcomm Msm8909W - Qualcomm Qcs605 -	2

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin