CVE-2018-13911

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon High Med 2016, SXR1130

Description The issue is related to an out of bounds memory read and access in the GNSS XTRA Parser, which may lead to unexpected behavior. This affects various Qualcomm Snapdragon products, including those used in automotive, compute, consumer IoT, industrial IoT, IoT, mobile, voice and music, and wearables applications.

Recommendations For Qualcomm Snapdragon versions in the listed products, apply the necessary patches or updates to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.