PT-2018-6823 · Qualcomm · Snapdragon
Published
2018-10-23
·
Updated
2018-12-10
·
CVE-2017-18304
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Qualcomm Snapdragon versions FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, and SDX20
Description:
The issue is related to insufficient memory allocation in boot due to an incorrect size being passed, which could result in out of bounds access. This affects various Qualcomm Snapdragon products, including Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear.
Recommendations:
For versions FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, and SDX20, at the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Snapdragon