1. Home
  2. CVE Database
  3. CVE-2018-5868
HIGH · 7.8

CVE-2018-5868

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 8...

Vulnerability Description

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommMsm8996Au Firmware-
QualcommMsm8996Au-
QualcommSd 425 Firmware-
QualcommSd 425-
QualcommSd 430 Firmware-
QualcommSd 430-
QualcommSd 450 Firmware-
QualcommSd 450-
QualcommSd 625 Firmware-
QualcommSd 625-
QualcommSd 712 Firmware-
QualcommSd 712-
QualcommSd 710 Firmware-
QualcommSd 710-
QualcommSd 670 Firmware-
QualcommSd 670-
QualcommSd 820 Firmware-
QualcommSd 820-
QualcommSd 820A Firmware-
QualcommSd 820A-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2018-5868?

CVE-2018-5868 is a vulnerability with a CVSS score of 7.8 (HIGH). Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 8...

How severe is CVE-2018-5868?

CVE-2018-5868 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-5868?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Msm8996Au Firmware, Qualcomm Msm8996Au, Qualcomm Sd 425 Firmware, Qualcomm Sd 425, Qualcomm Sd 430 Firmware.