CVE-2019-10614

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions APQ8009 through SM8250 Qualcomm Snapdragon Compute versions APQ8009 through SM8250 Qualcomm Snapdragon Connectivity versions APQ8009 through SM8250 Qualcomm Snapdragon Consumer Electronics Connectivity versions APQ8009 through SM8250 Qualcomm Snapdragon Consumer IOT versions APQ8009 through SM8250 Qualcomm Snapdragon Industrial IOT versions APQ8009 through SM8250 Qualcomm Snapdragon Mobile versions APQ8009 through SM8250 Qualcomm Snapdragon Voice & Music versions APQ8009 through SM8250 Qualcomm Snapdragon Wearables versions APQ8009 through SM8250

Description The issue is related to out of boundary access due to the lack of validation of data accessed against the received size of the packet, specifically in the context of malicious firmware. This could potentially affect a large number of devices worldwide, although the exact number is not specified.

Recommendations For Qualcomm Snapdragon Auto versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Compute versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Connectivity versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Consumer Electronics Connectivity versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Consumer IOT versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Industrial IOT versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Mobile versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Voice & Music versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet. For Qualcomm Snapdragon Wearables versions APQ8009 through SM8250, update the firmware to a version that includes validation of data accessed against the received size of the packet.