PT-2019-8829 · Qualcomm · Qca6174A+34
Published
2019-05-24
·
Updated
2019-05-28
·
CVE-2018-11936
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Qualcomm Snapdragon versions (affected versions not specified)
Description
The issue arises from incorrect array index processing within a while loop, leading to invalid index values such as -1. This results in out-of-bounds memory access. The affected products include Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wired Infrastructure and Networking, found in various chipsets like MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820, SD 820A, SD 835, SDX20, and SDX24.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mdm9206
Mdm9607
Mdm9640
Mdm9650
Msm8996Au
Qca6174A
Qca6574
Qca6574Au
Qca6584
Qca6584Au
Qca9377
Qca9379
Qca9886
Sd 205
Sd 210
Sd 212
Sd 425
Sd 427
Sd 430
Sd 435
Sd 450
Sd 625
Sd 820
Sd 820A
Sd 835
Sdx20
Sdx24
Snapdragon Auto
Snapdragon Connectivity
Snapdragon Consumer Electronics Connectivity
Snapdragon Consumer Iot
Snapdragon Industrial Iot
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wired Infrastructure/Networking