CVE-2019-14066: Integer Overflow
First published: Mon May 04 2020(Updated: )
Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm Kamorta | ||
| qualcomm Kamorta firmware | ||
| Qualcomm 9205 Firmware | ||
| Qualcomm 9205 | ||
| Qualcomm MD9607 Firmware | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm Nicobar | ||
| Qualcomm Nicobar | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm Rennell | ||
| qualcomm Rennell firmware | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| Qualcomm SC7180P Firmware | ||
| Qualcomm SC7180 | ||
| qualcomm SC8180X firmware | ||
| Qualcomm SC8180X | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55 Firmware | ||
| qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150 firmware | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-14066?
CVE-2019-14066 has a severity rating of high due to the potential for integer overflow vulnerabilities.
How do I fix CVE-2019-14066?
To fix CVE-2019-14066, users should apply the latest updates and patches provided by the affected software vendors.
What software is affected by CVE-2019-14066?
CVE-2019-14066 affects multiple Qualcomm firmware versions and devices that utilize Qualcomm Snapdragon technologies.
Can CVE-2019-14066 lead to remote exploits?
Yes, CVE-2019-14066 could potentially lead to remote code execution vulnerabilities if exploited.
Is CVE-2019-14066 specific to Android devices?
While CVE-2019-14066 impacts Android devices, it is also associated with other Qualcomm-based systems and firmware.
- agent/type
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm kamorta
- canonical/qualcomm kamorta firmware
- canonical/qualcomm 9205 firmware
- canonical/qualcomm 9205
- canonical/qualcomm md9607 firmware
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm nicobar
- canonical/qualcomm qcs404 firmware
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm rennell
- canonical/qualcomm rennell firmware
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155p
- canonical/qualcomm sc7180p firmware
- canonical/qualcomm sc7180
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sdx55m firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130