Vulnerability Description
Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Msm8996Au Firmware | - |
| Qualcomm | Msm8996Au | - |
| Qualcomm | Sd 425 Firmware | - |
| Qualcomm | Sd 425 | - |
| Qualcomm | Sd 430 Firmware | - |
| Qualcomm | Sd 430 | - |
| Qualcomm | Sd 450 Firmware | - |
| Qualcomm | Sd 450 | - |
| Qualcomm | Sd 625 Firmware | - |
| Qualcomm | Sd 625 | - |
| Qualcomm | Sd 820 Firmware | - |
| Qualcomm | Sd 820 | - |
| Qualcomm | Sd 820A Firmware | - |
| Qualcomm | Sd 820A | - |
| Qualcomm | Sd 835 Firmware | - |
| Qualcomm | Sd 835 | - |
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105838Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/105838Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-5917?
CVE-2018-5917 is a vulnerability with a CVSS score of 7.8 (HIGH). Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD ...
How severe is CVE-2018-5917?
CVE-2018-5917 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5917?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Msm8996Au Firmware, Qualcomm Msm8996Au, Qualcomm Sd 425 Firmware, Qualcomm Sd 425, Qualcomm Sd 430 Firmware.