CVE-2018-11980

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description The issue arises when a fake broadcast/multicast 11w RMF without MMIE is received, causing a buffer overflow due to the lack of proper length check in wma process bip. This overflow affects both cds is mmie valid and qdf nbuf trim tail in various Snapdragon products, including Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, and Voice & Music. The estimated number of potentially affected devices worldwide is not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.