CVE-2019-14057
First published: Mon Feb 03 2020(Updated: )
Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm APQ8009W Firmware | ||
| Qualcomm APQ8009W | ||
| Qualcomm APQ8017 | ||
| Qualcomm APQ8017 | ||
| qualcomm apq8053-ac firmware | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm APQ8064 AU Firmware | ||
| Qualcomm APQ8064 AU Firmware | ||
| Qualcomm APQ8096AU Firmware | ||
| Qualcomm APQ8096AU Firmware | ||
| qualcomm APQ8098 | ||
| Qualcomm 8098 | ||
| Qualcomm MDM9206 | ||
| Qualcomm MDM9206 firmware | ||
| qualcomm MDM9207C firmware | ||
| Qualcomm 9207 LTE Modem | ||
| Qualcomm MD9607 Firmware | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm 8905 Firmware | ||
| Qualcomm 8905 | ||
| Qualcomm MSM8909W | ||
| Qualcomm Snapdragon 8909 | ||
| Qualcomm MSM8917 | ||
| Qualcomm MSM8917 Firmware | ||
| Qualcomm 8920 Firmware | ||
| Qualcomm 8920 | ||
| Qualcomm 8937 Firmware | ||
| qualcomm MSM8937 firmware | ||
| Qualcomm MSM8939 | ||
| Qualcomm MSM8939 | ||
| qualcomm MSM8940 firmware | ||
| Qualcomm 8940 | ||
| Qualcomm 8953 Firmware | ||
| Qualcomm MSM8953 Firmware | ||
| Qualcomm 8996 Firmware | ||
| Qualcomm Snapdragon 8996 | ||
| qualcomm MSM8996AU firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm MSM8998 | ||
| Qualcomm 8998 | ||
| Qualcomm Nicobar | ||
| Qualcomm Nicobar | ||
| Qualcomm QCA6574 Firmware | ||
| Qualcomm QCA6574AU | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm ZZ QCS605 firmware | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm 215 Firmware | ||
| Qualcomm 215 | ||
| Qualcomm Rennell | ||
| qualcomm Rennell firmware | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm Saipan Firmware | ||
| Qualcomm SDA660 | ||
| Qualcomm SDA660 | ||
| Qualcomm SD845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SDM429W | ||
| Qualcomm SD429 | ||
| Qualcomm SDM429W | ||
| qualcomm SDM429W firmware | ||
| qualcomm SDM439 firmware | ||
| Qualcomm SDM439 Firmware | ||
| Qualcomm SD 450 Firmware | ||
| Qualcomm Snapdragon 450 | ||
| qualcomm SDM630 firmware | ||
| qualcomm SDM630 | ||
| Qualcomm SDM632 | ||
| Qualcomm SDM632 | ||
| Qualcomm SD 636 Firmware | ||
| Qualcomm SDM636 Firmware | ||
| Qualcomm SD660 Firmware | ||
| Qualcomm Snapdragon 660 | ||
| Qualcomm SD 670 Firmware | ||
| Qualcomm SDM670 Firmware | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm SDA/SDM845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm SDX20 Firmware | ||
| qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150 firmware | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SM8250 | ||
| Qualcomm qsm8250 | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-14057?
CVE-2019-14057 has been assigned a severity rating that can range from medium to high, depending on the affected system configurations.
How do I fix CVE-2019-14057?
To fix CVE-2019-14057, apply the latest firmware updates provided by Qualcomm or relevant device manufacturers.
Which devices are affected by CVE-2019-14057?
CVE-2019-14057 affects various Qualcomm Snapdragon platforms including those used in automotive, connectivity, and consumer IoT devices.
Can CVE-2019-14057 lead to data leakage?
Yes, CVE-2019-14057 could potentially lead to data leakage due to buffer over-read vulnerabilities.
What types of systems are primarily impacted by CVE-2019-14057?
CVE-2019-14057 primarily impacts systems running on Qualcomm Snapdragon chipsets that handle MKV file parsing.
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm apq8009w firmware
- canonical/qualcomm apq8009w
- canonical/qualcomm apq8017
- canonical/qualcomm apq8053-ac firmware
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm apq8064 au firmware
- canonical/qualcomm apq8096au firmware
- canonical/qualcomm apq8098
- canonical/qualcomm 8098
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm mdm9207c firmware
- canonical/qualcomm 9207 lte modem
- canonical/qualcomm md9607 firmware
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm 8905 firmware
- canonical/qualcomm 8905
- canonical/qualcomm msm8909w
- canonical/qualcomm snapdragon 8909
- canonical/qualcomm msm8917
- canonical/qualcomm msm8917 firmware
- canonical/qualcomm 8920 firmware
- canonical/qualcomm 8920
- canonical/qualcomm 8937 firmware
- canonical/qualcomm msm8937 firmware
- canonical/qualcomm msm8939
- canonical/qualcomm msm8940 firmware
- canonical/qualcomm 8940
- canonical/qualcomm 8953 firmware
- canonical/qualcomm msm8953 firmware
- canonical/qualcomm 8996 firmware
- canonical/qualcomm snapdragon 8996
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm msm8998
- canonical/qualcomm 8998
- canonical/qualcomm nicobar
- canonical/qualcomm qca6574 firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm zz qcs605 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm 215 firmware
- canonical/qualcomm 215
- canonical/qualcomm rennell
- canonical/qualcomm rennell firmware
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155p
- canonical/qualcomm saipan firmware
- canonical/qualcomm sda660
- canonical/qualcomm sd845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sdm429w
- canonical/qualcomm sd429
- canonical/qualcomm sdm429w firmware
- canonical/qualcomm sdm439 firmware
- canonical/qualcomm sd 450 firmware
- canonical/qualcomm snapdragon 450
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm sdm630
- canonical/qualcomm sdm632
- canonical/qualcomm sd 636 firmware
- canonical/qualcomm sdm636 firmware
- canonical/qualcomm sd660 firmware
- canonical/qualcomm snapdragon 660
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sd710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm sda/sdm845 firmware
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sm8250
- canonical/qualcomm qsm8250
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130