CVE-2018-5914
26.10.2018, 13:29
Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | sd_210_firmware | - |
| qualcomm | sd_212_firmware | - |
| qualcomm | sd_205_firmware | - |
| qualcomm | sd_425_firmware | - |
| qualcomm | sd_430_firmware | - |
| qualcomm | sd_450_firmware | - |
| qualcomm | sd_625_firmware | - |
| qualcomm | sd_650_firmware | - |
| qualcomm | sd_652_firmware | - |
| qualcomm | sd_835_firmware | - |
| qualcomm | sda660_firmware | - |
𝑥
= Vulnerable software versions