CVE-2019-14009

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions in APQ8009, APQ8098, MDM9150, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDM850, SXR2130

Description: The issue is related to out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in various Snapdragon products, including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, and Wired Infrastructure and Networking.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.