CVE-2019-14094

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Connectivity (affected versions not specified) Snapdragon Consumer Electronics Connectivity (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon IoT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) Snapdragon Wearables (affected versions not specified) Snapdragon Wired Infrastructure and Networking (affected versions not specified) APQ8009 (affected versions not specified) APQ8053 (affected versions not specified) APQ8096AU (affected versions not specified) APQ8098 (affected versions not specified) IPQ6018 (affected versions not specified) IPQ8074 (affected versions not specified) Kamorta (affected versions not specified) MDM9150 (affected versions not specified) MDM9205 (affected versions not specified) MDM9206 (affected versions not specified) MDM9207C (affected versions not specified) MDM9607 (affected versions not specified) MDM9625 (affected versions not specified) MDM9635M (affected versions not specified) MDM9640 (affected versions not specified) MDM9645 (affected versions not specified) MDM9650 (affected versions not specified) MDM9655 (affected versions not specified) MSM8905 (affected versions not specified) MSM8909 (affected versions not specified) MSM8909W (affected versions not specified) MSM8917 (affected versions not specified) MSM8920 (affected versions not specified) MSM8937 (affected versions not specified) MSM8940 (affected versions not specified) MSM8953 (affected versions not specified) MSM8996 (affected versions not specified) MSM8996AU (affected versions not specified) MSM8998 (affected versions not specified) Nicobar (affected versions not specified) QCA8081 (affected versions not specified) QCM2150 (affected versions not specified) QCN7605 (affected versions not specified) QCS404 (affected versions not specified) QCS405 (affected versions not specified) QCS605 (affected versions not specified) QM215 (affected versions not specified) Rennell (affected versions not specified) SA415M (affected versions not specified) Saipan (affected versions not specified) SC7180 (affected versions not specified) SC8180X (affected versions not specified) SDA660 (affected versions not specified) SDA845 (affected versions not specified) SDM429 (affected versions not specified) SDM429W (affected versions not specified) SDM439 (affected versions not specified) SDM450 (affected versions not specified) SDM630 (affected versions not specified) SDM632 (affected versions not specified) SDM636 (affected versions not specified) SDM660 (affected versions not specified) SDM670 (affected versions not specified) SDM710 (affected versions not specified) SDM845 (affected versions not specified) SDM850 (affected versions not specified) SDX20 (affected versions not specified) SDX24 (affected versions not specified) SM6150 (affected versions not specified) SM7150 (affected versions not specified) SM8150 (affected versions not specified) SM8250 (affected versions not specified) SXR1130 (affected versions not specified) SXR2130 (affected versions not specified)

Description: The issue is related to an integer overflow in the diag command handler when a user inputs a large value for the number of tasks field in the request packet. This affects various Snapdragon products, including Auto, Compute, Connectivity, and others, across a range of specific models.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.