CVE-2019-14123

Summary

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and NetworkingKamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130affected

Weaknesses

  • Improper Input Validation in Content Protection

ADP Enrichment

CVE Program Container

Additional References

References