Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-14079

Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8953, QCA6574AU, QCS605, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SM8150, SXR1130

Published

2020-03-05T09:15:17.517

Last Modified

2024-11-21T04:26:02.987

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-908

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qualcomm	apq8009_firmware	-	Yes
Hardware	qualcomm	apq8009	-	No
Operating System	qualcomm	apq8053_firmware	-	Yes
Hardware	qualcomm	apq8053	-	No
Operating System	qualcomm	mdm9607_firmware	-	Yes
Hardware	qualcomm	mdm9607	-	No
Operating System	qualcomm	mdm9640_firmware	-	Yes
Hardware	qualcomm	mdm9640	-	No
Operating System	qualcomm	msm8909w_firmware	-	Yes
Hardware	qualcomm	msm8909w	-	No
Operating System	qualcomm	msm8953_firmware	-	Yes
Hardware	qualcomm	msm8953	-	No
Operating System	qualcomm	qca6574au_firmware	-	Yes
Hardware	qualcomm	qca6574au	-	No
Operating System	qualcomm	qcs605_firmware	-	Yes
Hardware	qualcomm	qcs605	-	No
Operating System	qualcomm	sda845_firmware	-	Yes
Hardware	qualcomm	sda845	-	No
Operating System	qualcomm	sdm429_firmware	-	Yes
Hardware	qualcomm	sdm429	-	No
Operating System	qualcomm	sdm429w_firmware	-	Yes
Hardware	qualcomm	sdm429w	-	No
Operating System	qualcomm	sdm439_firmware	-	Yes
Hardware	qualcomm	sdm439	-	No
Operating System	qualcomm	sdm450_firmware	-	Yes
Hardware	qualcomm	sdm450	-	No
Operating System	qualcomm	sdm632_firmware	-	Yes
Hardware	qualcomm	sdm632	-	No
Operating System	qualcomm	sdm670_firmware	-	Yes
Hardware	qualcomm	sdm670	-	No
Operating System	qualcomm	sdm710_firmware	-	Yes
Hardware	qualcomm	sdm710	-	No
Operating System	qualcomm	sdm845_firmware	-	Yes
Hardware	qualcomm	sdm845	-	No
Operating System	qualcomm	sdx24_firmware	-	Yes
Hardware	qualcomm	sdx24	-	No
Operating System	qualcomm	sm8150_firmware	-	Yes
Hardware	qualcomm	sm8150	-	No
Operating System	qualcomm	sxr1130_firmware	-	Yes
Hardware	qualcomm	sxr1130	-	No

References

https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin Vendor Advisory ([email protected])
https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)