I missed this CVE the first time around, only noticed it with recent mainstream news reports. 😦
Quoting the Debian page:
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors.
Huawei is also listed with this CVE, so perhaps other vendors besides HP are impacted?