CVE-2018-11828

Name of the Vulnerable Software and Affected Versions Snapdragon Mobile versions SD 205, SD 210, SD 212, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652

Description The issue occurs when the firmware attempts to obtain a random MAC address generated from new software random number generator (RNG) and analog-to-digital converter (ADC) values, which are constant. This causes the device under test (DUT) to become stuck in a loop while trying to get random ADC samples.

Recommendations For Snapdragon Mobile versions SD 205, SD 210, SD 212, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, consider implementing a workaround to prevent the DUT from getting stuck in a loop, such as introducing variability in the ADC values or using an alternative random number generation method. At the moment, there is no information about a newer version that contains a fix for this vulnerability.