Vulnerabilities > CVE-2019-14130 - Out-of-bounds Write vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-787

NVD

Published: 2020-07-30

Updated: 2021-07-21

Summary

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Kamorta Firmware - Qualcomm Qcs404 Firmware - Qualcomm Rennell Firmware - Qualcomm Sc7180 Firmware - Qualcomm Sdx55 Firmware - Qualcomm Sm6150 Firmware - Qualcomm Sm7150 Firmware - Qualcomm Sm8250 Firmware - Qualcomm Sxr2130 Firmware -	9
Hardware	Qualcomm Qualcomm Kamorta - Qualcomm Qcs404 - Qualcomm Rennell - Qualcomm Sc7180 - Qualcomm Sdx55 - Qualcomm Sm6150 - Qualcomm Sm7150 - Qualcomm Sm8250 - Qualcomm Sxr2130 -	9

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References