Vulnerability Description
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 835 Firmware | - |
| Qualcomm | Sd 835 | - |
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107681Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/107681Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-11856?
CVE-2018-11856 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.
How severe is CVE-2018-11856?
CVE-2018-11856 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11856?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 835 Firmware, Qualcomm Sd 835, Qualcomm Sd 845 Firmware, Qualcomm Sd 845, Qualcomm Sd 850 Firmware.