Vulnerability Description
Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Snapdragon Auto Firmware | - |
| Qualcomm | Snapdragon Auto | - |
| Qualcomm | Snapdragon Compute Firmware | - |
| Qualcomm | Snapdragon Compute | - |
| Qualcomm | Snapdragon Consumer Internet Of Things Firmware | - |
| Qualcomm | Snapdragon Consumer Internet Of Things | - |
| Qualcomm | Snapdragon Industrial Internet Of Things Firmware | - |
| Qualcomm | Snapdragon Industrial Internet Of Things | - |
| Qualcomm | Mdm9150 Firmware | - |
| Qualcomm | Mdm9150 | - |
| Qualcomm | Mdm9615 Firmware | - |
| Qualcomm | Mdm9615 | - |
| Qualcomm | Mdm9625 Firmware | - |
| Qualcomm | Mdm9625 | - |
| Qualcomm | Mdm9635M Firmware | - |
| Qualcomm | Mdm9635M | - |
| Qualcomm | Mdm9640 Firmware | - |
| Qualcomm | Mdm9640 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106845Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/106845Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-5839?
CVE-2018-5839 is a vulnerability with a CVSS score of 7.1 (HIGH). Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...
How severe is CVE-2018-5839?
CVE-2018-5839 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5839?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Snapdragon Auto Firmware, Qualcomm Snapdragon Auto, Qualcomm Snapdragon Compute Firmware, Qualcomm Snapdragon Compute, Qualcomm Snapdragon Consumer Internet Of Things Firmware.