What is CVE-2019-14015?

CVE-2019-14015 is a stack-based buffer overflow vulnerability that exists in the initialization of the identification stage due to lack of check on the number of templates provided.

What software versions are affected by CVE-2019-14015?

CVE-2019-14015 affects Qualcomm Apq8096 Firmware, Qualcomm Apq8096au Firmware, Qualcomm Mdm9205 Firmware, and several other Qualcomm firmware versions.

What is the severity of CVE-2019-14015?

CVE-2019-14015 has a severity rating of 7.8, which is considered high.

How can I fix CVE-2019-14015?

To fix CVE-2019-14015, update your affected Qualcomm firmware versions to the latest available patches and versions.

Where can I find more information about CVE-2019-14015?

You can find more information about CVE-2019-14015 in the Android Security Bulletin for March 2020 and the Qualcomm Product Security Bulletins for March 2020.

Vulnerability/
CVE-2019-14015

high

7.8

CWE

787 119

2/3/2020

7/9/2022

CVE-2019-14015: Buffer Overflow

First published: Mon Mar 02 2020(Updated: )

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, MDM9205, MSM8996, MSM8996AU, Nicobar, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Google Android
Qualcomm Apq8096 Firmware
Google Android
Google Android
Google Android
Google Android
Google Android
Qualcomm Msm8996 Firmware
Google Android
Google Android
Qualcomm Msm8996au
Google Android
Qualcomm Nicobar
Qualcomm Qcs404 Firmware
Google Android
Qualcomm Qcs405 Firmware
Google Android
Qualcomm Qcs605 Firmware
Google Android
Qualcomm Rennell Firmware
Google Android
Google Android
Qualcomm Sa6155p
Qualcomm Sc8180x Firmware
Qualcomm Sc8180x
Google Android
Google Android
Qualcomm Sda845 Firmware
Qualcomm Sda845
Qualcomm Sdm630 Firmware
Qualcomm Sdm630
Google Android
Qualcomm Sdm636
Qualcomm Sdm660 Firmware
Qualcomm Sdm660
Qualcomm Sdm670 Firmware
Qualcomm Sdm670
Qualcomm Sdm710 Firmware
Qualcomm Sdm710
Qualcomm Sdm845 Firmware
Qualcomm Sdm845
Qualcomm Sdm850 Firmware
Qualcomm Sdm850
Qualcomm Sdx24 Firmware
Google Android
Qualcomm Sdx55 Firmware
Qualcomm Sdx55
Google Android
Qualcomm Sm6150
Google Android
Google Android
Qualcomm Sm8150 Firmware
Qualcomm Sm8150
Qualcomm Sxr1130 Firmware
Qualcomm Sxr1130
Qualcomm Sxr2130 Firmware
Qualcomm Sxr2130

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-14015?
CVE-2019-14015 is a stack-based buffer overflow vulnerability that exists in the initialization of the identification stage due to lack of check on the number of templates provided.
What software versions are affected by CVE-2019-14015?
CVE-2019-14015 affects Qualcomm Apq8096 Firmware, Qualcomm Apq8096au Firmware, Qualcomm Mdm9205 Firmware, and several other Qualcomm firmware versions.
What is the severity of CVE-2019-14015?
CVE-2019-14015 has a severity rating of 7.8, which is considered high.
How can I fix CVE-2019-14015?
To fix CVE-2019-14015, update your affected Qualcomm firmware versions to the latest available patches and versions.
Where can I find more information about CVE-2019-14015?
You can find more information about CVE-2019-14015 in the Android Security Bulletin for March 2020 and the Qualcomm Product Security Bulletins for March 2020.