CVE-2019-14112

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions prior to the fixed version

Description: The issue is related to a potential buffer overflow while processing CBF frames due to a lack of check of buffer length before copy in various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wired Infrastructure and Networking. This affects a range of chipsets, including APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, and SXR2130.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.