Vulnerability Details CVE-2019-14083
While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is specified in the attribute length field of extended SSI which can lead to integer underflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096, APQ8098, IPQ6018, IPQ8074, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS404, QCS405, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2019-14083
-
cpe:2.3:h:qualcomm:apq8009:-
-
cpe:2.3:h:qualcomm:apq8053:-
-
cpe:2.3:h:qualcomm:apq8096:-
-
cpe:2.3:h:qualcomm:apq8098:-
-
cpe:2.3:h:qualcomm:ipq6018:-
-
cpe:2.3:h:qualcomm:ipq8074:-
-
cpe:2.3:h:qualcomm:msm8996au:-
-
cpe:2.3:h:qualcomm:msm8998:-
-
cpe:2.3:h:qualcomm:nicobar:-
-
cpe:2.3:h:qualcomm:qca6174a:-
-
cpe:2.3:h:qualcomm:qca6390:-
-
cpe:2.3:h:qualcomm:qca6574au:-
-
cpe:2.3:h:qualcomm:qca8081:-
-
cpe:2.3:h:qualcomm:qca9377:-
-
cpe:2.3:h:qualcomm:qca9379:-
-
cpe:2.3:h:qualcomm:qcn7605:-
-
cpe:2.3:h:qualcomm:qcs404:-
-
cpe:2.3:h:qualcomm:qcs405:-
-
cpe:2.3:h:qualcomm:qcs605:-
-
cpe:2.3:h:qualcomm:rennell:-
-
cpe:2.3:h:qualcomm:sc8180x:-
-
cpe:2.3:h:qualcomm:sda660:-
-
cpe:2.3:h:qualcomm:sda845:-
-
cpe:2.3:h:qualcomm:sdm630:-
-
cpe:2.3:h:qualcomm:sdm636:-
-
cpe:2.3:h:qualcomm:sdm660:-
-
cpe:2.3:h:qualcomm:sdm670:-
-
cpe:2.3:h:qualcomm:sdm710:-
-
cpe:2.3:h:qualcomm:sdm845:-
-
cpe:2.3:h:qualcomm:sdm850:-
-
cpe:2.3:h:qualcomm:sdx20:-
-
cpe:2.3:h:qualcomm:sdx24:-
-
cpe:2.3:h:qualcomm:sm6150:-
-
cpe:2.3:h:qualcomm:sm7150:-
-
cpe:2.3:h:qualcomm:sm8150:-
-
cpe:2.3:h:qualcomm:sxr1130:-
-
cpe:2.3:h:qualcomm:sxr2130:-
-
cpe:2.3:o:qualcomm:apq8009_firmware:-
-
cpe:2.3:o:qualcomm:apq8053_firmware:-
-
cpe:2.3:o:qualcomm:apq8096_firmware:-
-
cpe:2.3:o:qualcomm:apq8098_firmware:-
-
cpe:2.3:o:qualcomm:ipq6018_firmware:-
-
cpe:2.3:o:qualcomm:ipq8074_firmware:-
-
cpe:2.3:o:qualcomm:msm8996au_firmware:-
-
cpe:2.3:o:qualcomm:msm8998_firmware:-
-
cpe:2.3:o:qualcomm:nicobar_firmware:-
-
cpe:2.3:o:qualcomm:qca6174a_firmware:-
-
cpe:2.3:o:qualcomm:qca6390_firmware:-
-
cpe:2.3:o:qualcomm:qca6574au_firmware:-
-
cpe:2.3:o:qualcomm:qca8081_firmware:-
-
cpe:2.3:o:qualcomm:qca9377_firmware:-
-
cpe:2.3:o:qualcomm:qca9379_firmware:-
-
cpe:2.3:o:qualcomm:qcn7605_firmware:-
-
cpe:2.3:o:qualcomm:qcs404_firmware:-
-
cpe:2.3:o:qualcomm:qcs405_firmware:-
-
cpe:2.3:o:qualcomm:qcs605_firmware:-
-
cpe:2.3:o:qualcomm:rennell_firmware:-
-
cpe:2.3:o:qualcomm:sc8180x_firmware:-
-
cpe:2.3:o:qualcomm:sda660_firmware:-
-
cpe:2.3:o:qualcomm:sda845_firmware:-
-
cpe:2.3:o:qualcomm:sdm630_firmware:-
-
cpe:2.3:o:qualcomm:sdm636_firmware:-
-
cpe:2.3:o:qualcomm:sdm660_firmware:-
-
cpe:2.3:o:qualcomm:sdm670_firmware:-
-
cpe:2.3:o:qualcomm:sdm710_firmware:-
-
cpe:2.3:o:qualcomm:sdm845_firmware:-
-
cpe:2.3:o:qualcomm:sdm850_firmware:-
-
cpe:2.3:o:qualcomm:sdx20_firmware:-
-
cpe:2.3:o:qualcomm:sdx24_firmware:-
-
cpe:2.3:o:qualcomm:sm6150_firmware:-
-
cpe:2.3:o:qualcomm:sm7150_firmware:-
-
cpe:2.3:o:qualcomm:sm8150_firmware:-
-
cpe:2.3:o:qualcomm:sxr1130_firmware:-
-
cpe:2.3:o:qualcomm:sxr2130_firmware:-