CVE-2018-11271

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon High Med 2016, SXR1130

Description The issue is related to improper authentication that can occur due to inappropriate handling of events in various Snapdragon products. This affects multiple components, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, and Snapdragon Wearables.

Recommendations For each of the affected Qualcomm Snapdragon versions, apply the necessary security updates or patches to resolve the improper authentication issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.