CVE-2018-13887
24.05.2019, 17:29
Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | mdm9150_firmware | - |
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9635m_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | mdm9655_firmware | - |
| qualcomm | msm8909w_firmware | - |
| qualcomm | qcs605_firmware | - |
| qualcomm | qm215_firmware | - |
| qualcomm | sd_210_firmware | - |
| qualcomm | sd_212_firmware | - |
| qualcomm | sd_205_firmware | - |
| qualcomm | sd_425_firmware | - |
| qualcomm | sd_427_firmware | - |
| qualcomm | sd_430_firmware | - |
| qualcomm | sd_435_firmware | - |
| qualcomm | sd_439_firmware | - |
| qualcomm | sd_429_firmware | - |
| qualcomm | sd_450_firmware | - |
| qualcomm | sd_600_firmware | - |
| qualcomm | sd_625_firmware | - |
| qualcomm | sd_632_firmware | - |
| qualcomm | sd_636_firmware | - |
| qualcomm | sd_675_firmware | - |
| qualcomm | sd_712_firmware | - |
| qualcomm | sd_710_firmware | - |
| qualcomm | sd_670_firmware | - |
| qualcomm | sd_835_firmware | - |
| qualcomm | sd_845_firmware | - |
| qualcomm | sd_850_firmware | - |
| qualcomm | sda660_firmware | - |
| qualcomm | sdm439_firmware | - |
| qualcomm | sdm630_firmware | - |
| qualcomm | sdm660_firmware | - |
| qualcomm | sdx20_firmware | - |
| qualcomm | sm7150_firmware | - |
| qualcomm | sxr1130_firmware | - |
𝑥
= Vulnerable software versions