CVE-2019-14110

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto versions APQ8009 through APQ8098 Qualcomm Snapdragon Compute versions APQ8009 through APQ8098 Qualcomm Snapdragon Connectivity versions APQ8009 through APQ8098 Qualcomm Snapdragon Consumer Electronics Connectivity versions APQ8009 through APQ8098 Qualcomm Snapdragon Consumer IOT versions APQ8009 through APQ8098 Qualcomm Snapdragon Industrial IOT versions APQ8009 through APQ8098 Qualcomm Snapdragon IoT versions APQ8009 through APQ8098 Qualcomm Snapdragon Mobile versions APQ8009 through APQ8098 Qualcomm Snapdragon Voice & Music versions APQ8009 through APQ8098 Qualcomm Snapdragon Wired Infrastructure and Networking versions APQ8009 through APQ8098 Qualcomm IPQ6018 Qualcomm IPQ8074 Qualcomm MDM9206 Qualcomm MDM9207C Qualcomm MDM9607 Qualcomm MDM9640 Qualcomm MDM9650 Qualcomm MSM8996 Qualcomm MSM8996AU Qualcomm MSM8998 Qualcomm Nicobar Qualcomm QCA4531 Qualcomm QCA6174A Qualcomm QCA6564 Qualcomm QCA6574AU Qualcomm QCA6584 Qualcomm QCA6584AU Qualcomm QCA8081 Qualcomm QCA9377 Qualcomm QCA9379 Qualcomm QCA9886 Qualcomm QCN7605 Qualcomm QCS404 Qualcomm QCS405 Qualcomm QCS605 Qualcomm Rennell Qualcomm SA6155P Qualcomm SC7180 Qualcomm SC8180X Qualcomm SDA660 Qualcomm SDA845 Qualcomm SDM630 Qualcomm SDM636 Qualcomm SDM660 Qualcomm SDM670 Qualcomm SDM710 Qualcomm SDM845 Qualcomm SDM850 Qualcomm SDX20 Qualcomm SDX24 Qualcomm SM6150 Qualcomm SM7150 Qualcomm SM8150 Qualcomm SXR1130 Qualcomm SXR2130

Description: A buffer overflow can occur in the wlan firmware while copying association frame content if the frame length is more than the maximum buffer size in case of SAP mode. This issue affects various Qualcomm Snapdragon products.

Recommendations: For Qualcomm Snapdragon Auto versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Compute versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Connectivity versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Consumer Electronics Connectivity versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Consumer IOT versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Industrial IOT versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon IoT versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Mobile versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Voice & Music versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm Snapdragon Wired Infrastructure and Networking versions APQ8009 through APQ8098, update to a fixed version. For Qualcomm IPQ6018, update to a fixed version. For Qualcomm IPQ8074, update to a fixed version. For Qualcomm MDM9206, update to a fixed version. For Qualcomm MDM9207C, update to a fixed version. For Qualcomm MDM9607, update to a fixed version. For Qualcomm MDM9640, update to a fixed version. For Qualcomm MDM9650, update to a fixed version. For Qualcomm MSM8996, update to a fixed version. For Qualcomm MSM8996AU, update to a fixed version. For Qualcomm MSM8998, update to a fixed version. For Qualcomm Nicobar, update to a fixed version. For Qualcomm QCA4531, update to a fixed version. For Qualcomm QCA6174A, update to a fixed version. For Qualcomm QCA6564, update to a fixed version. For Qualcomm QCA6574AU, update to a fixed version. For Qualcomm QCA6584, update to a fixed version. For Qualcomm QCA6584AU, update to a fixed version. For Qualcomm QCA8081, update to a fixed version. For Qualcomm QCA9377, update to a fixed version. For Qualcomm QCA9379, update to a fixed version. For Qualcomm QCA9886, update to a fixed version. For Qualcomm QCN7605, update to a fixed version. For Qualcomm QCS404, update to a fixed version. For Qualcomm QCS405, update to a fixed version. For Qualcomm QCS605, update to a fixed version. For Qualcomm Rennell, update to a fixed version. For Qualcomm SA6155P, update to a fixed version. For Qualcomm SC7180, update to a fixed version. For Qualcomm SC8180X, update to a fixed version. For Qualcomm SDA660, update to a fixed version. For Qualcomm SDA845, update to a fixed version. For Qualcomm SDM630, update to a fixed version. For Qualcomm SDM636, update to a fixed version. For Qualcomm SDM660, update to a fixed version. For Qualcomm SDM670, update to a fixed version. For Qualcomm SDM710, update to a fixed version. For Qualcomm SDM845, update to a fixed version. For Qualcomm SDM850, update to a fixed version. For Qualcomm SDX20, update to a fixed version. For Qualcomm SDX24, update to a fixed version. For Qualcomm SM6150, update to a fixed version. For Qualcomm SM7150, update to a fixed version. For Qualcomm SM8150, update to a fixed version. For Qualcomm SXR1130, update to a fixed version. For Qualcomm SXR2130, update to a fixed version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.