PT-2019-8821 · Qualcomm · Qualcomm Snapdragon Auto+13
Published
2019-05-24
·
Updated
2019-05-29
·
CVE-2018-11928
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Qualcomm Snapdragon Auto versions (affected versions not specified)
Qualcomm Snapdragon Compute versions (affected versions not specified)
Qualcomm Snapdragon Connectivity versions (affected versions not specified)
Qualcomm Snapdragon Consumer Electronics Connectivity versions (affected versions not specified)
Qualcomm Snapdragon Consumer IOT versions (affected versions not specified)
Qualcomm Snapdragon Industrial IOT versions (affected versions not specified)
Qualcomm Snapdragon Mobile versions (affected versions not specified)
Qualcomm Snapdragon Voice & Music versions (affected versions not specified)
Qualcomm Snapdragon Wired Infrastructure and Networking versions (affected versions not specified)
Description
A lack of check on the length parameter may cause a buffer overflow while processing WMI commands. This issue affects various Qualcomm Snapdragon products, including Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, and Wired Infrastructure and Networking, in multiple chipsets such as IPQ8074, MDM9206, and SD 210/SD 212/SD 205.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ipq8074
Mdm9206
Qualcomm Snapdragon Auto
Qualcomm Snapdragon Compute
Qualcomm Snapdragon Connectivity
Qualcomm Snapdragon Consumer Electronics Connectivity
Qualcomm Snapdragon Consumer Iot
Qualcomm Snapdragon Industrial Iot
Qualcomm Snapdragon Mobile
Qualcomm Snapdragon Voice & Music
Qualcomm Snapdragon Wired Infrastructure/Networking
Sd 205
Sd 210
Sd 212