CVE-2018-5912

Name of the Vulnerable Software and Affected Versions Qualcomm Video versions in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660

Description The issue is caused by a potential buffer overflow in the Video component due to lack of input validation in input and output values. This could allow an attacker to execute arbitrary code.

Recommendations For Qualcomm Video in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, consider disabling the vulnerable Video component until a patch is available. Restrict access to the Video component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.