Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-13919

Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS405, QCS605, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX20, SDX24

Published

2019-06-14T17:29:01.003

Last Modified

2024-11-21T03:48:20.380

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qualcomm	mdm9150_firmware	-	Yes
Hardware	qualcomm	mdm9150	-	No
Operating System	qualcomm	mdm9206_firmware	-	Yes
Hardware	qualcomm	mdm9206	-	No
Operating System	qualcomm	mdm9607_firmware	-	Yes
Hardware	qualcomm	mdm9607	-	No
Operating System	qualcomm	mdm9650_firmware	-	Yes
Hardware	qualcomm	mdm9650	-	No
Operating System	qualcomm	msm8909w_firmware	-	Yes
Hardware	qualcomm	msm8909w	-	No
Operating System	qualcomm	qcs405_firmware	-	Yes
Hardware	qualcomm	qcs405	-	No
Operating System	qualcomm	qcs605_firmware	-	Yes
Hardware	qualcomm	qcs605	-	No
Operating System	qualcomm	sd_625_firmware	-	Yes
Hardware	qualcomm	sd_625	-	No
Operating System	qualcomm	sd_636_firmware	-	Yes
Hardware	qualcomm	sd_636	-	No
Operating System	qualcomm	sd_675_firmware	-	Yes
Hardware	qualcomm	sd_675	-	No
Operating System	qualcomm	sd_712_firmware	-	Yes
Hardware	qualcomm	sd_712	-	No
Operating System	qualcomm	sd_710_firmware	-	Yes
Hardware	qualcomm	sd_710	-	No
Operating System	qualcomm	sd_670_firmware	-	Yes
Hardware	qualcomm	sd_670	-	No
Operating System	qualcomm	sd_730_firmware	-	Yes
Hardware	qualcomm	sd_730	-	No
Operating System	qualcomm	sd_820_firmware	-	Yes
Hardware	qualcomm	sd_820	-	No
Operating System	qualcomm	sd_820a_firmware	-	Yes
Hardware	qualcomm	sd_820a	-	No
Operating System	qualcomm	sd_835_firmware	-	Yes
Hardware	qualcomm	sd_835	-	No
Operating System	qualcomm	sd_845_firmware	-	Yes
Hardware	qualcomm	sd_845	-	No
Operating System	qualcomm	sd_850_firmware	-	Yes
Hardware	qualcomm	sd_850	-	No
Operating System	qualcomm	sd_855_firmware	-	Yes
Hardware	qualcomm	sd_855	-	No
Operating System	qualcomm	sdm630_firmware	-	Yes
Hardware	qualcomm	sdm630	-	No
Operating System	qualcomm	sdm660_firmware	-	Yes
Hardware	qualcomm	sdm660	-	No
Operating System	qualcomm	sdx20_firmware	-	Yes
Hardware	qualcomm	sdx20	-	No
Operating System	qualcomm	sdx24_firmware	-	Yes
Hardware	qualcomm	sdx24	-	No

References

https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin Third Party Advisory ([email protected])
https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)