What is the severity of CVE-2019-14032?

CVE-2019-14032 is classified as a high-severity vulnerability that can lead to a memory use after free condition in affected Qualcomm products.

How do I fix CVE-2019-14032?

To mitigate CVE-2019-14032, update your Qualcomm device firmware to the latest version provided by the manufacturer.

Which devices are affected by CVE-2019-14032?

CVE-2019-14032 affects a range of Qualcomm Snapdragon platforms including APQ8009, APQ8017, and others across various application domains.

What causes the CVE-2019-14032 vulnerability?

CVE-2019-14032 is caused by a lack of resource control in the audio components of Snapdragon chipsets, allowing memory misuse after objects have been freed.

Is CVE-2019-14032 being actively exploited?

As of the latest updates, there is no public evidence that CVE-2019-14032 is being actively exploited in the wild.

Vulnerability/
CVE-2019-14032

high

7.8

CWE

416

2/3/2020

5/3/2020

26/8/2024

CVE-2019-14032: Use After Free

First published: Mon Mar 02 2020(Updated: )

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Google Android
Qualcomm apq8009 firmware
Qualcomm apq8009
Qualcomm apq8017 firmware
Qualcomm apq8017
Qualcomm APQ8053 Firmware
Qualcomm APQ8053 Firmware
Qualcomm apq8096au firmware
Qualcomm apq8096au
qualcomm APQ8098 firmware
qualcomm APQ8098
Qualcomm MDM9206 firmware
Qualcomm MDM9206
qualcomm MDM9207C firmware
qualcomm MDM9207C
Qualcomm MDM9607 firmware
Qualcomm MDM9607
qualcomm mdm9640 firmware
qualcomm MDM9640
Qualcomm MDM9650 firmware
Qualcomm MDM9650
qualcomm MSM8905 firmware
qualcomm MSM8905
Qualcomm MSM8909W
Qualcomm MSM8909W
Qualcomm msm8953 firmware
Qualcomm msm8953
Qualcomm MSM8996AU Firmware
Qualcomm MSM8996AU Firmware
qualcomm Nicobar firmware
qualcomm Nicobar
Qualcomm QCS405 Firmware
Qualcomm QCS405 Firmware
Qualcomm QCS605 firmware
Qualcomm QCS605
qualcomm Rennell firmware
qualcomm Rennell
Qualcomm Sa6155p Firmware
qualcomm SA6155P
qualcomm Saipan firmware
qualcomm Saipan
qualcomm SC8180X firmware
qualcomm SC8180X
qualcomm sda845 firmware
qualcomm sda845
qualcomm sdm670 firmware
qualcomm sdm670
qualcomm sdm710 firmware
qualcomm sdm710
qualcomm SDM845 firmware
qualcomm SDM845
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware
Qualcomm sdx24 firmware
Qualcomm sdx24
Qualcomm sdx55 firmware
Qualcomm sdx55
Qualcomm SM6150
Qualcomm SM6150 Firmware
Qualcomm SM7150 Firmware
qualcomm SM7150 firmware
qualcomm SM8150 firmware
qualcomm SM8150
qualcomm SM8250 firmware
Qualcomm SM8250
Qualcomm SXR1130 Firmware
Qualcomm SXR1130
qualcomm SXR2130 firmware
qualcomm SXR2130

Remedy

https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-14032?
CVE-2019-14032 is classified as a high-severity vulnerability that can lead to a memory use after free condition in affected Qualcomm products.
How do I fix CVE-2019-14032?
To mitigate CVE-2019-14032, update your Qualcomm device firmware to the latest version provided by the manufacturer.
Which devices are affected by CVE-2019-14032?
CVE-2019-14032 affects a range of Qualcomm Snapdragon platforms including APQ8009, APQ8017, and others across various application domains.
What causes the CVE-2019-14032 vulnerability?
CVE-2019-14032 is caused by a lack of resource control in the audio components of Snapdragon chipsets, allowing memory misuse after objects have been freed.
Is CVE-2019-14032 being actively exploited?
As of the latest updates, there is no public evidence that CVE-2019-14032 is being actively exploited in the wild.

CVE-2019-14032: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-14032?

How do I fix CVE-2019-14032?

Which devices are affected by CVE-2019-14032?

What causes the CVE-2019-14032 vulnerability?

Is CVE-2019-14032 being actively exploited?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2019-14032?

How do I fix CVE-2019-14032?

Which devices are affected by CVE-2019-14032?

What causes the CVE-2019-14032 vulnerability?

Is CVE-2019-14032 being actively exploited?