Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-11871

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016.

Published

2018-10-29T18:29:03.697

Last Modified

2024-11-21T03:44:10.657

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qualcomm	ipq4019_firmware	-	Yes
Hardware	qualcomm	ipq4019	-	No
Operating System	qualcomm	ipq8064_firmware	-	Yes
Hardware	qualcomm	ipq8064	-	No
Operating System	qualcomm	ipq8074_firmware	-	Yes
Hardware	qualcomm	ipq8074	-	No
Operating System	qualcomm	mdm9206_firmware	-	Yes
Hardware	qualcomm	mdm9206	-	No
Operating System	qualcomm	mdm9607_firmware	-	Yes
Hardware	qualcomm	mdm9607	-	No
Operating System	qualcomm	mdm9635m_firmware	-	Yes
Hardware	qualcomm	mdm9635m	-	No
Operating System	qualcomm	mdm9640_firmware	-	Yes
Hardware	qualcomm	mdm9640	-	No
Operating System	qualcomm	mdm9650_firmware	-	Yes
Hardware	qualcomm	mdm9650	-	No
Operating System	qualcomm	msm8996au_firmware	-	Yes
Hardware	qualcomm	msm8996au	-	No
Operating System	qualcomm	qca6174a_firmware	-	Yes
Hardware	qualcomm	qca6174a	-	No
Operating System	qualcomm	qca6564_firmware	-	Yes
Hardware	qualcomm	qca6564	-	No
Operating System	qualcomm	qca6574_firmware	-	Yes
Hardware	qualcomm	qca6574	-	No
Operating System	qualcomm	qca6574au_firmware	-	Yes
Hardware	qualcomm	qca6574au	-	No
Operating System	qualcomm	qca6584_firmware	-	Yes
Hardware	qualcomm	qca6584	-	No
Operating System	qualcomm	qca6584au_firmware	-	Yes
Hardware	qualcomm	qca6584au	-	No
Operating System	qualcomm	qca9377_firmware	-	Yes
Hardware	qualcomm	qca9377	-	No
Operating System	qualcomm	qca9378_firmware	-	Yes
Hardware	qualcomm	qca9378	-	No
Operating System	qualcomm	qca9379_firmware	-	Yes
Hardware	qualcomm	qca9379	-	No
Operating System	qualcomm	qca9531_firmware	-	Yes
Hardware	qualcomm	qca9531	-	No
Operating System	qualcomm	qca9558_firmware	-	Yes
Hardware	qualcomm	qca9558	-	No
Operating System	qualcomm	qca9563_firmware	-	Yes
Hardware	qualcomm	qca9563	-	No
Operating System	qualcomm	qca9880_firmware	-	Yes
Hardware	qualcomm	qca9880	-	No
Operating System	qualcomm	qca9886_firmware	-	Yes
Hardware	qualcomm	qca9886	-	No
Operating System	qualcomm	qca9980_firmware	-	Yes
Hardware	qualcomm	qca9980	-	No
Operating System	qualcomm	sd_210_firmware	-	Yes
Hardware	qualcomm	sd_210	-	No
Operating System	qualcomm	sd_212_firmware	-	Yes
Hardware	qualcomm	sd_212	-	No
Operating System	qualcomm	sd_205_firmware	-	Yes
Hardware	qualcomm	sd_205	-	No
Operating System	qualcomm	sd_425_firmware	-	Yes
Hardware	qualcomm	sd_425	-	No
Operating System	qualcomm	sd_427_firmware	-	Yes
Hardware	qualcomm	sd_427	-	No
Operating System	qualcomm	sd_430_firmware	-	Yes
Hardware	qualcomm	sd_430	-	No
Operating System	qualcomm	sd_435_firmware	-	Yes
Hardware	qualcomm	sd_435	-	No
Operating System	qualcomm	sd_450_firmware	-	Yes
Hardware	qualcomm	sd_450	-	No
Operating System	qualcomm	sd_600_firmware	-	Yes
Hardware	qualcomm	sd_600	-	No
Operating System	qualcomm	sd_625_firmware	-	Yes
Hardware	qualcomm	sd_625	-	No
Operating System	qualcomm	sd_650_firmware	-	Yes
Hardware	qualcomm	sd_650	-	No
Operating System	qualcomm	sd_652_firmware	-	Yes
Hardware	qualcomm	sd_652	-	No
Operating System	qualcomm	sd_820_firmware	-	Yes
Hardware	qualcomm	sd_820	-	No
Operating System	qualcomm	sd_820a_firmware	-	Yes
Hardware	qualcomm	sd_820a	-	No
Operating System	qualcomm	sd_835_firmware	-	Yes
Hardware	qualcomm	sd_835	-	No
Operating System	qualcomm	sd_845_firmware	-	Yes
Hardware	qualcomm	sd_845	-	No
Operating System	qualcomm	sd_850_firmware	-	Yes
Hardware	qualcomm	sd_850	-	No
Operating System	qualcomm	sda660_firmware	-	Yes
Hardware	qualcomm	sda660	-	No
Operating System	qualcomm	sdm630_firmware	-	Yes
Hardware	qualcomm	sdm630	-	No
Operating System	qualcomm	sdm632_firmware	-	Yes
Hardware	qualcomm	sdm632	-	No
Operating System	qualcomm	sdm636_firmware	-	Yes
Hardware	qualcomm	sdm636	-	No
Operating System	qualcomm	sdm660_firmware	-	Yes
Hardware	qualcomm	sdm660	-	No
Operating System	qualcomm	sdm710_firmware	-	Yes
Hardware	qualcomm	sdm710	-	No
Operating System	qualcomm	sdx20_firmware	-	Yes
Hardware	qualcomm	sdx20	-	No
Operating System	qualcomm	snapdragon_high_med_2016_firmware	-	Yes
Hardware	qualcomm	snapdragon_high_med_2016	-	No

References

http://www.securityfocus.com/bid/107681 ([email protected])
https://www.qualcomm.com/company/product-security/bulletins Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/107681 (af854a3a-2127-422b-91ae-364da2661108)
https://www.qualcomm.com/company/product-security/bulletins Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)