CVE-2019-14066

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions (affected versions not specified)

Description: The issue is related to an integer overflow when calculating the estimated output buffer size. This occurs when getting a list of installed Feature IDs, Serial Numbers, or checking Feature ID status in various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wired Infrastructure and Networking. The affected products include Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, and SXR2130.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.