CVE-2019-14053

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Consumer Electronics Connectivity (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon IoT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) Snapdragon Wearables (affected versions not specified) Snapdragon Wired Infrastructure and Networking (affected versions not specified) APQ8009 (affected versions not specified) APQ8053 (affected versions not specified) APQ8096AU (affected versions not specified) APQ8098 (affected versions not specified) IPQ4019 (affected versions not specified) IPQ8074 (affected versions not specified) MDM9206 (affected versions not specified) MDM9207C (affected versions not specified) MDM9607 (affected versions not specified) MDM9640 (affected versions not specified) MDM9650 (affected versions not specified) MSM8905 (affected versions not specified) MSM8909W (affected versions not specified) MSM8917 (affected versions not specified) MSM8953 (affected versions not specified) MSM8996AU (affected versions not specified) QCA4531 (affected versions not specified) QCN7605 (affected versions not specified) QCS605 (affected versions not specified) QM215 (affected versions not specified) SA415M (affected versions not specified) SC8180X (affected versions not specified) SDA660 (affected versions not specified) SDA845 (affected versions not specified) SDM429 (affected versions not specified) SDM429W (affected versions not specified) SDM439 (affected versions not specified) SDM450 (affected versions not specified) SDM630 (affected versions not specified) SDM632 (affected versions not specified) SDM636 (affected versions not specified) SDM660 (affected versions not specified) SDM845 (affected versions not specified) SDX20 (affected versions not specified) SDX24 (affected versions not specified) SDX55 (affected versions not specified) SM6150 (affected versions not specified) SM7150 (affected versions not specified) SM8150 (affected versions not specified) SM8250 (affected versions not specified) SXR2130 (affected versions not specified)

Description: A stack out-of-bounds read will occur when attempting to create a new XFRM policy if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.