PT-2020-8531 · Qualcomm · Snapdragon Wearables+5

Published

2020-09-08

Updated

2020-09-11

CVE-2018-13903

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto versions APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 Snapdragon Compute versions APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 Snapdragon Consumer IOT versions APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 Snapdragon Industrial IOT versions APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 Snapdragon Mobile versions APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150 Snapdragon Wearables versions APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150

Description: The issue is related to a race condition in EPCO handling, which causes an error in UE. This error affects various Snapdragon products, including Auto, Compute, Consumer IOT, Industrial IOT, Mobile, and Wearables.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-476

Related Identifiers

CVE-2018-13903

Affected Products

Snapdragon Auto

Snapdragon Compute

Snapdragon Consumer Iot

Snapdragon Industrial Iot

Snapdragon Mobile

Snapdragon Wearables

PT-2020-8531 · Qualcomm · Snapdragon Wearables+5

CVE-2018-13903

Weakness Enumeration

Related Identifiers

Affected Products

References · 4