CVE-2018-11866

Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
qualcommCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
qualcommipq8074_firmware
-
qualcommmdm9206_firmware
-
qualcommmdm9607_firmware
-
qualcommmdm9650_firmware
-
qualcommsd_210_firmware
-
qualcommsd_212_firmware
-
qualcommsd_205_firmware
-
qualcommsd_425_firmware
-
qualcommsd_427_firmware
-
qualcommsd_430_firmware
-
qualcommsd_435_firmware
-
qualcommsd_450_firmware
-
qualcommsd_625_firmware
-
qualcommsd_835_firmware
-
qualcommsd_845_firmware
-
qualcommsd_850_firmware
-
qualcommsda660_firmware
-
qualcommsdm429_firmware
-
qualcommsdm439_firmware
-
qualcommsdm630_firmware
-
qualcommsdm632_firmware
-
qualcommsdm636_firmware
-
qualcommsdm660_firmware
-
qualcommsdm710_firmware
-
qualcommsnapdragon_high_med_2016_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qualcomm.com/company/product-security/bulletins
https://www.qualcomm.com/company/product-security/bulletins