Vulnerability Description
Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9150 Firmware | - |
| Qualcomm | Mdm9150 | - |
| Qualcomm | Mdm9206 Firmware | - |
| Qualcomm | Mdm9206 | - |
| Qualcomm | Mdm9607 Firmware | - |
| Qualcomm | Mdm9607 | - |
| Qualcomm | Mdm9640 Firmware | - |
| Qualcomm | Mdm9640 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Msm8909W Firmware | - |
| Qualcomm | Msm8909W | - |
| Qualcomm | Msm8996Au Firmware | - |
| Qualcomm | Msm8996Au | - |
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Qca6574Au Firmware | - |
| Qualcomm | Qca6574Au | - |
| Qualcomm | Qca9377 Firmware | - |
| Qualcomm | Qca9377 | - |
Related Weaknesses (CWE)
References
- https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-secNot ApplicableThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-sePatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-secNot ApplicableThird Party Advisory
FAQ
What is CVE-2018-11955?
CVE-2018-11955 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electr...
How severe is CVE-2018-11955?
CVE-2018-11955 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-11955?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9150 Firmware, Qualcomm Mdm9150, Qualcomm Mdm9206 Firmware, Qualcomm Mdm9206, Qualcomm Mdm9607 Firmware.