CVE-2018-11288
18.01.2019, 22:29
Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | mdm9655_firmware | - |
| qualcomm | msm8996au_firmware | - |
| qualcomm | sd_210_firmware | - |
| qualcomm | sd_212_firmware | - |
| qualcomm | sd_205_firmware | - |
| qualcomm | sd_410_firmware | - |
| qualcomm | sd_412_firmware | - |
| qualcomm | sd_712_firmware | - |
| qualcomm | sd_710_firmware | - |
| qualcomm | sd_670_firmware | - |
| qualcomm | sd_820_firmware | - |
| qualcomm | sd_820a_firmware | - |
| qualcomm | sd_835_firmware | - |
| qualcomm | sd_845_firmware | - |
| qualcomm | sd_850_firmware | - |
| qualcomm | sdx24_firmware | - |
| qualcomm | sxr1130_firmware | - |
𝑥
= Vulnerable software versions