Vulnerability Description
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 210 Firmware | - |
| Qualcomm | Sd 210 | - |
| Qualcomm | Sd 212 Firmware | - |
| Qualcomm | Sd 212 | - |
| Qualcomm | Sd 205 Firmware | - |
| Qualcomm | Sd 205 | - |
| Qualcomm | Sd 425 Firmware | - |
| Qualcomm | Sd 425 | - |
| Qualcomm | Sd 430 Firmware | - |
| Qualcomm | Sd 430 | - |
| Qualcomm | Sd 450 Firmware | - |
| Qualcomm | Sd 450 | - |
| Qualcomm | Sd 625 Firmware | - |
| Qualcomm | Sd 625 | - |
| Qualcomm | Sd 650 Firmware | - |
| Qualcomm | Sd 650 | - |
| Qualcomm | Sd 652 Firmware | - |
| Qualcomm | Sd 652 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107681Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/107681Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-11828?
CVE-2018-11828 is a vulnerability with a CVSS score of 7.5 (HIGH). When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD...
How severe is CVE-2018-11828?
CVE-2018-11828 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11828?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 210 Firmware, Qualcomm Sd 210, Qualcomm Sd 212 Firmware, Qualcomm Sd 212, Qualcomm Sd 205 Firmware.