CVE-2019-14101

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Description: An out of bounds read can occur in the diag event set mask command handler when the user-provided length in the command request is less than the expected length. This issue affects various Qualcomm Snapdragon products, including Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, and Wired Infrastructure and Networking.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.