PT-2018-10858 · Qualcomm · Snapdragon Mobile
Publicado
2018-10-29
·
Atualizado
2018-12-07
·
CVE-2018-11858
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Snapdragon Mobile versions SD 835 through SD 850
Description
The issue arises from insufficient input validation of the IE length when processing IE set commands, potentially leading to buffer overwrite.
Recommendations
For versions SD 835 through SD 850, update to a version that includes input validation for the IE length to prevent buffer overwrite.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Snapdragon Mobile