CVE-2019-14114

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130

Description: A buffer overflow issue exists in the WLAN firmware of Qualcomm Snapdragon while parsing GTK IE containing a GTK key with a length more than the buffer size. This issue affects various Snapdragon products, including Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wired Infrastructure and Networking.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.