Vulnerability Description
Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 835 Firmware | - |
| Qualcomm | Sd 835 | - |
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
| Qualcomm | Sda660 Firmware | - |
| Qualcomm | Sda660 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107681Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/107681Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-11854?
CVE-2018-11854 is a vulnerability with a CVSS score of 7.8 (HIGH). Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
How severe is CVE-2018-11854?
CVE-2018-11854 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11854?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 835 Firmware, Qualcomm Sd 835, Qualcomm Sd 845 Firmware, Qualcomm Sd 845, Qualcomm Sd 850 Firmware.