CVE-2019-14023

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions (affected versions not specified)

Description: A string format issue occurs due to the lack of user input validation, which fails to ensure that inputs are properly NULL terminated before string copy. This issue affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music, in specific chipsets such as MDM9607, Nicobar, Rennell, SA6155P, SDX55, SM6150, SM7150, SM8150, SM8250, and SXR2130.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.