Vulnerability CVE-2018-11821

Vulnerability CVE-2018-11821

Published: 2018-10-26

Description:

Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016

Type:

CWE-190

(Integer Overflow or Wraparound)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.2/10	10/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Qualcomm -> Sda660 firmware
Qualcomm -> Ipq8074 firmware
Qualcomm -> Sdm630 firmware
Qualcomm -> Mdm9206 firmware
Qualcomm -> Sdm632 firmware
Qualcomm -> Mdm9607 firmware
Qualcomm -> Sdm636 firmware
Qualcomm -> Mdm9650 firmware
Qualcomm -> Sdm660 firmware
Qualcomm -> Sd 425 firmware
Qualcomm -> Sdm710 firmware
Qualcomm -> Sd 427 firmware
Qualcomm -> Sd 430 firmware
Qualcomm -> Sd 435 firmware
Qualcomm -> Sd 450 firmware
Qualcomm -> Sd 625 firmware
Qualcomm -> Sd 650 firmware
Qualcomm -> Sd 652 firmware
Qualcomm -> Sd 835 firmware
Qualcomm -> Sd 845 firmware
Qualcomm -> Sd 850 firmware

References:

http://www.securityfocus.com/bid/107681

https://www.qualcomm.com/company/product-security/bulletins

Copyright 2024, cxsecurity.com