// For flags

CVE-2019-14053

 

Severity Score

7.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Cuando se intenta crear una nueva política XFRM, una lectura de la pila fuera de límites ocurrirá si el usuario proporciona una plantilla donde el modo se establece en un valor que no se resuelve en un modo XFRM válido en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking en las versiones APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-07-19 CVE Reserved
  • 2020-06-02 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qualcomm
Search vendor "Qualcomm"
Apq8009 Firmware
Search vendor "Qualcomm" for product "Apq8009 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8009
Search vendor "Qualcomm" for product "Apq8009"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Apq8053 Firmware
Search vendor "Qualcomm" for product "Apq8053 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8053
Search vendor "Qualcomm" for product "Apq8053"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Apq8096au Firmware
Search vendor "Qualcomm" for product "Apq8096au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8096au
Search vendor "Qualcomm" for product "Apq8096au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Apq8098 Firmware
Search vendor "Qualcomm" for product "Apq8098 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8098
Search vendor "Qualcomm" for product "Apq8098"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq4019 Firmware
Search vendor "Qualcomm" for product "Ipq4019 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq4019
Search vendor "Qualcomm" for product "Ipq4019"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq8074 Firmware
Search vendor "Qualcomm" for product "Ipq8074 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq8074
Search vendor "Qualcomm" for product "Ipq8074"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9206 Firmware
Search vendor "Qualcomm" for product "Mdm9206 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9206
Search vendor "Qualcomm" for product "Mdm9206"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9207c Firmware
Search vendor "Qualcomm" for product "Mdm9207c Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9207c
Search vendor "Qualcomm" for product "Mdm9207c"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9607 Firmware
Search vendor "Qualcomm" for product "Mdm9607 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9607
Search vendor "Qualcomm" for product "Mdm9607"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9640 Firmware
Search vendor "Qualcomm" for product "Mdm9640 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9640
Search vendor "Qualcomm" for product "Mdm9640"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9650 Firmware
Search vendor "Qualcomm" for product "Mdm9650 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9650
Search vendor "Qualcomm" for product "Mdm9650"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8905 Firmware
Search vendor "Qualcomm" for product "Msm8905 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8905
Search vendor "Qualcomm" for product "Msm8905"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8909w Firmware
Search vendor "Qualcomm" for product "Msm8909w Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8909w
Search vendor "Qualcomm" for product "Msm8909w"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8917 Firmware
Search vendor "Qualcomm" for product "Msm8917 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8917
Search vendor "Qualcomm" for product "Msm8917"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8953 Firmware
Search vendor "Qualcomm" for product "Msm8953 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8953
Search vendor "Qualcomm" for product "Msm8953"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8996au Firmware
Search vendor "Qualcomm" for product "Msm8996au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8996au
Search vendor "Qualcomm" for product "Msm8996au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca4531 Firmware
Search vendor "Qualcomm" for product "Qca4531 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca4531
Search vendor "Qualcomm" for product "Qca4531"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qcn7605 Firmware
Search vendor "Qualcomm" for product "Qcn7605 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qcn7605
Search vendor "Qualcomm" for product "Qcn7605"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qcs605 Firmware
Search vendor "Qualcomm" for product "Qcs605 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qcs605
Search vendor "Qualcomm" for product "Qcs605"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qm215 Firmware
Search vendor "Qualcomm" for product "Qm215 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qm215
Search vendor "Qualcomm" for product "Qm215"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sa415m Firmware
Search vendor "Qualcomm" for product "Sa415m Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sa415m
Search vendor "Qualcomm" for product "Sa415m"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sc8180x Firmware
Search vendor "Qualcomm" for product "Sc8180x Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sc8180x
Search vendor "Qualcomm" for product "Sc8180x"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sda660 Firmware
Search vendor "Qualcomm" for product "Sda660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sda660
Search vendor "Qualcomm" for product "Sda660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sda845 Firmware
Search vendor "Qualcomm" for product "Sda845 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sda845
Search vendor "Qualcomm" for product "Sda845"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm429 Firmware
Search vendor "Qualcomm" for product "Sdm429 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm429
Search vendor "Qualcomm" for product "Sdm429"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm429w Firmware
Search vendor "Qualcomm" for product "Sdm429w Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm429w
Search vendor "Qualcomm" for product "Sdm429w"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm439 Firmware
Search vendor "Qualcomm" for product "Sdm439 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm439
Search vendor "Qualcomm" for product "Sdm439"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm450 Firmware
Search vendor "Qualcomm" for product "Sdm450 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm450
Search vendor "Qualcomm" for product "Sdm450"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm630 Firmware
Search vendor "Qualcomm" for product "Sdm630 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm630
Search vendor "Qualcomm" for product "Sdm630"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm632 Firmware
Search vendor "Qualcomm" for product "Sdm632 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm632
Search vendor "Qualcomm" for product "Sdm632"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm636 Firmware
Search vendor "Qualcomm" for product "Sdm636 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm636
Search vendor "Qualcomm" for product "Sdm636"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm660 Firmware
Search vendor "Qualcomm" for product "Sdm660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm660
Search vendor "Qualcomm" for product "Sdm660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm845 Firmware
Search vendor "Qualcomm" for product "Sdm845 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm845
Search vendor "Qualcomm" for product "Sdm845"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx20 Firmware
Search vendor "Qualcomm" for product "Sdx20 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx20
Search vendor "Qualcomm" for product "Sdx20"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx24 Firmware
Search vendor "Qualcomm" for product "Sdx24 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx24
Search vendor "Qualcomm" for product "Sdx24"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx55 Firmware
Search vendor "Qualcomm" for product "Sdx55 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx55
Search vendor "Qualcomm" for product "Sdx55"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sm6150 Firmware
Search vendor "Qualcomm" for product "Sm6150 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sm6150
Search vendor "Qualcomm" for product "Sm6150"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sm7150 Firmware
Search vendor "Qualcomm" for product "Sm7150 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sm7150
Search vendor "Qualcomm" for product "Sm7150"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sm8150 Firmware
Search vendor "Qualcomm" for product "Sm8150 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sm8150
Search vendor "Qualcomm" for product "Sm8150"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sm8250 Firmware
Search vendor "Qualcomm" for product "Sm8250 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sm8250
Search vendor "Qualcomm" for product "Sm8250"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sxr2130 Firmware
Search vendor "Qualcomm" for product "Sxr2130 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sxr2130
Search vendor "Qualcomm" for product "Sxr2130"
--
Safe