CVE-2019-14006

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto versions APQ8009 through SM8250 Snapdragon Compute versions APQ8009 through SM8250 Snapdragon Connectivity versions APQ8009 through SM8250 Snapdragon Consumer IOT versions APQ8009 through SM8250 Snapdragon Industrial IOT versions APQ8009 through SM8250 Snapdragon IoT versions APQ8009 through SM8250 Snapdragon Mobile versions APQ8009 through SM8250 Snapdragon Voice & Music versions APQ8009 through SM8250 Snapdragon Wearables versions APQ8009 through SM8250

Description: A buffer overflow occurs while playing a nonstandard clip due to a lack of offset length check. This issue affects various Snapdragon products, including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables. The estimated number of potentially affected devices is not specified.

Recommendations: For Snapdragon Auto versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Compute versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Connectivity versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Consumer IOT versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Industrial IOT versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon IoT versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Mobile versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Voice & Music versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow. For Snapdragon Wearables versions APQ8009 through SM8250, update to a version that includes the offset length check to prevent buffer overflow.