CVE-2019-14098

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto versions APQ8009 through SDX24 Qualcomm Snapdragon Compute versions APQ8009 through SDX24 Qualcomm Snapdragon Connectivity versions APQ8009 through SDX24 Qualcomm Snapdragon Consumer Electronics Connectivity versions APQ8009 through SDX24 Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDX24 Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDX24 Qualcomm Snapdragon IoT versions APQ8009 through SDX24 Qualcomm Snapdragon Mobile versions APQ8009 through SDX24 Qualcomm Snapdragon Voice & Music versions APQ8009 through SDX24 Qualcomm Snapdragon Wired Infrastructure and Networking versions APQ8009 through SDX24

Description: A possible buffer overflow issue exists in the data offload handler due to the lack of a check on the keydata length when copying data. This issue affects various Qualcomm Snapdragon products.

Recommendations: For Qualcomm Snapdragon Auto versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Compute versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Connectivity versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Consumer Electronics Connectivity versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon IoT versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Mobile versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Voice & Music versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler. For Qualcomm Snapdragon Wired Infrastructure and Networking versions APQ8009 through SDX24, update to a version that includes a fix for the buffer overflow issue in the data offload handler.