Vulnerability Description
Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ipq8074 Firmware | - |
| Qualcomm | Ipq8074 | - |
| Qualcomm | Mdm9206 Firmware | - |
| Qualcomm | Mdm9206 | - |
| Qualcomm | Mdm9607 Firmware | - |
| Qualcomm | Mdm9607 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Sd 210 Firmware | - |
| Qualcomm | Sd 210 | - |
| Qualcomm | Sd 212 Firmware | - |
| Qualcomm | Sd 212 | - |
| Qualcomm | Sd 205 Firmware | - |
| Qualcomm | Sd 205 | - |
| Qualcomm | Sd 425 Firmware | - |
| Qualcomm | Sd 425 | - |
| Qualcomm | Sd 427 Firmware | - |
| Qualcomm | Sd 427 | - |
| Qualcomm | Sd 430 Firmware | - |
| Qualcomm | Sd 430 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-11866?
CVE-2018-11866 is a vulnerability with a CVSS score of 7.8 (HIGH). Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607...
How severe is CVE-2018-11866?
CVE-2018-11866 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11866?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ipq8074 Firmware, Qualcomm Ipq8074, Qualcomm Mdm9206 Firmware, Qualcomm Mdm9206, Qualcomm Mdm9607 Firmware.