{"id": "CVE-2019-14130", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-07-30T12:15:11.770", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin", "tags": ["Broken Link"], "source": "
[email protected]"}, {"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin", "tags": ["Vendor Advisory"], "source": "
[email protected]"}, {"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130"}, {"lang": "es", "value": "Una corrupci\u00f3n de la memoria puede presentarse en una aplicaci\u00f3n confiable si el tama\u00f1o del desplazamiento de HLOS es mayor que el tama\u00f1o real del b\u00fafer asignado en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking en versiones Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130"}], "lastModified": "2024-11-21T04:26:08.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:kamorta_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C17D128-D249-463B-B21B-F5B01265726A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:kamorta:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4ECFB565-9C4D-4F58-AD4E-283276688F00"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs404_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A2F7E6B-D499-4698-A203-A12725E51DFF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs404:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B172AA65-B693-48DF-9D5A-7BB6FCC4A2A3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:rennell_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D49376E9-D31E-4E84-9401-45859263F26C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:rennell:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B6D66742-81FA-46D6-B7A2-5460923D81A8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sc7180_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "792A18B7-E775-4AF4-A8C4-D434400317B0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sc7180:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5170B38-0976-49BB-A916-5BE44C567218"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ABE492A-3755-4969-9DEB-4B85EBB84644"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E3D3787B-6ACC-4591-B041-01307ED66C36"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F63A748F-2236-4486-83F1-DE4BCBE5D56D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "184F3DFC-27E8-48AC-B46C-C589DBCBF030"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDC730C6-FB32-4566-AAE2-B2B261BA9411"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5A432773-467F-492C-AA3A-ADF08A21FB3F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "
[email protected]"}
