CVE-2019-14076

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto versions APQ8009 through SXR2130 Snapdragon Compute versions APQ8009 through SXR2130 Snapdragon Connectivity versions APQ8009 through SXR2130 Snapdragon Consumer IOT versions APQ8009 through SXR2130 Snapdragon Industrial IOT versions APQ8009 through SXR2130 Snapdragon Mobile versions APQ8009 through SXR2130 Snapdragon Voice & Music versions APQ8009 through SXR2130 Snapdragon Wired Infrastructure and Networking versions APQ8009 through SXR2130

Description: A buffer overflow occurs while processing a subsample data length out of range due to a lack of user input validation. This issue affects various Snapdragon products, including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, and Wired Infrastructure and Networking, in multiple chipsets such as APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, and SXR2130.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.