PT-2020-9539 · Qualcomm · Sdm710+26

Published

2020-04-16

Updated

2021-07-21

CVE-2019-14131

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions (affected versions not specified)

Description: The issue is related to an out of bound write that can occur in radio measurement requests. This happens when a station (STA) receives multiple invalid radio resource management (RRM) measurement requests from an access point (AP). The affected components include Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music, found in various chipsets such as APQ8053, APQ8096AU, MSM8998, Nicobar, QCA6574AU, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDM660, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, and SXR2130.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-14131

Affected Products

Apq8053

Apq8096Au

Msm8998

Nicobar

Qca6574Au

Qcs605

Rennell

Sa6155P

Sc8180X

Sdm660

Sdm710

Sdm845

Sdx20

Sdx24

Sdx55

Sm6150

Sm7150

Sm8150

Sm8250

Sxr2130

Saipan

Snapdragon Auto

Snapdragon Compute

Snapdragon Consumer Iot

Snapdragon Industrial Iot

Snapdragon Mobile

Snapdragon Voice & Music

PT-2020-9539 · Qualcomm · Sdm710+26

CVE-2019-14131

Weakness Enumeration

Related Identifiers

Affected Products

References · 2