CVE-2018-11924

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions MDM9150, MDM9206, MDM9607, MDM9640, MDM9650 Qualcomm Snapdragon Compute versions SD 820A, SD 835, SD 845 / SD 850, SD 855 Qualcomm Snapdragon Consumer Electronics Connectivity versions QCA6174A, QCA6574AU, QCA9377, QCA9379 Qualcomm Snapdragon Consumer IOT versions QCA6174A, QCA6574AU, QCA9377, QCA9379 Qualcomm Snapdragon Industrial IOT versions QCA6174A, QCA6574AU, QCA9377, QCA9379 Qualcomm Snapdragon Mobile versions MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670 Qualcomm Snapdragon Voice & Music versions SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670 Qualcomm SDA660 version SDA660 Qualcomm SDM630 version SDM630 Qualcomm SDM660 version SDM660 Qualcomm SDX20 version SDX20 Qualcomm SDX24 version SDX24 Qualcomm SM7150 version SM7150

Description The issue is related to improper buffer length validation in the WLAN function, which can lead to a potential integer overflow issue. This affects various Qualcomm Snapdragon products.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.