CVE-2019-14080

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Wearables (affected versions not specified) APQ8053 (affected versions not specified) APQ8096AU (affected versions not specified) Kamorta (affected versions not specified) MDM9607 (affected versions not specified) MDM9640 (affected versions not specified) MDM9650 (affected versions not specified) MSM8905 (affected versions not specified) MSM8909 (affected versions not specified) MSM8917 (affected versions not specified) MSM8920 (affected versions not specified) MSM8937 (affected versions not specified) MSM8940 (affected versions not specified) MSM8953 (affected versions not specified) MSM8996AU (affected versions not specified) Nicobar (affected versions not specified) QCM2150 (affected versions not specified) QCS605 (affected versions not specified) QM215 (affected versions not specified) Rennell (affected versions not specified) SA415M (affected versions not specified) SC7180 (affected versions not specified) SC8180X (affected versions not specified) SDA660 (affected versions not specified) SDA845 (affected versions not specified) SDM429 (affected versions not specified) SDM439 (affected versions not specified) SDM450 (affected versions not specified) SDM630 (affected versions not specified) SDM632 (affected versions not specified) SDM636 (affected versions not specified) SDM660 (affected versions not specified) SDM670 (affected versions not specified) SDM710 (affected versions not specified) SDM845 (affected versions not specified) SDM850 (affected versions not specified) SDX24 (affected versions not specified) SM6150 (affected versions not specified) SM7150 (affected versions not specified) SM8150 (affected versions not specified) SXR1130 (affected versions not specified)

Description: Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.