Vulnerability Description
Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 835 Firmware | - |
| Qualcomm | Sd 835 | - |
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
| Qualcomm | Sda660 Firmware | - |
| Qualcomm | Sda660 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107681
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/107681
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-11876?
CVE-2018-11876 is a vulnerability with a CVSS score of 7.8 (HIGH). Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
How severe is CVE-2018-11876?
CVE-2018-11876 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11876?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 835 Firmware, Qualcomm Sd 835, Qualcomm Sd 845 Firmware, Qualcomm Sd 845, Qualcomm Sd 850 Firmware.