PT-2018-1845 · Qualcomm · Msm8996Au+11

Published

2018-05-07

Updated

2019-06-14

CVE-2018-5912

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Qualcomm Video versions in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660

Description The issue is caused by a potential buffer overflow in the Video component due to lack of input validation in input and output values. This could allow an attacker to execute arbitrary code.

Recommendations For Qualcomm Video in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, consider disabling the vulnerable Video component until a patch is available. Restrict access to the Video component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2018-01447

CVE-2018-5912

Affected Products

Msm8996Au

Qualcomm Video

Sd 450

Sd 625

Sd 820

Sd 820A

Sd 835

Sd 845

Sd 850

Sda660

Snapdragon Automobile

Snapdragon Mobile

PT-2018-1845 · Qualcomm · Msm8996Au+11

CVE-2018-5912

Weakness Enumeration

Related Identifiers

Affected Products

References · 6