Lucene search

QualcommCVELIST:CVE-2019-14119

HistorySep 08, 2020 - 9:31 a.m.

CVE-2019-14119

2020-09-0809:31:34

qualcomm

www.cve.org

smcinvoke

toctou race

memory corruption

snapdragon

ipq6018

kamorta

mdm9205

mdm9607

nicobar

qcs404

qcs405

qcs605

qcs610

rennell

sa415m

sa515m

sa6155p

sc7180

sc8180x

sdm670

sdm710

sdx24

sdx55

sm6150

sm7150

sm8150

sm8250

sxr1130

sxr2130

EPSS

Percentile

12.6%

JSON

u’While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "IPQ6018, Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2019-14119