Vulnerability Description
While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SXR1130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9206 Firmware | - |
| Qualcomm | Mdm9206 | - |
| Qualcomm | Mdm9607 Firmware | - |
| Qualcomm | Mdm9607 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Mdm9655 Firmware | - |
| Qualcomm | Mdm9655 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Sd 210 Firmware | - |
| Qualcomm | Sd 210 | - |
| Qualcomm | Sd 212 Firmware | - |
| Qualcomm | Sd 212 | - |
| Qualcomm | Sd 205 Firmware | - |
| Qualcomm | Sd 205 | - |
| Qualcomm | Sd 410 Firmware | - |
| Qualcomm | Sd 410 | - |
| Qualcomm | Sd 412 Firmware | - |
| Qualcomm | Sd 412 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins#_CVE-2018-12012Vendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins#_CVE-2018-12012Vendor Advisory
FAQ
What is CVE-2018-12012?
CVE-2018-12012 is a vulnerability with a CVSS score of 7.8 (HIGH). While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon...
How severe is CVE-2018-12012?
CVE-2018-12012 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12012?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9206 Firmware, Qualcomm Mdm9206, Qualcomm Mdm9607 Firmware, Qualcomm Mdm9607, Qualcomm Mdm9650 Firmware.