CVE-2019-14047 (apq8053_firmware, apq8096au_firmware, mdm9607_firmware, msm8909w_firmware, msm8996_firmware, msm8996au_firmware, qcn7605_firmware, qcs605_firmware, sc8180x_firmware, sda845_firmware, sdx20_firmware, sdx24_firmware, sdx55_firmware, sm8150_firmware, sxr1130_firmware)

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130

View Full Alert