CVE-2018-11267

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd212:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sd410_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd410:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sd412_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd412:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sd600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd600:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sd615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd615:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sd616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd616:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:sd415_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd415:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:sd617_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd617:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd625:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd650:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd652:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd820a:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd850:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-20 13:29

Updated : 2024-02-28 16:48


NVD link : CVE-2018-11267

Mitre link : CVE-2018-11267

CVE.ORG link : CVE-2018-11267


JSON object : View

Products Affected

qualcomm

  • snapdragon_high_med_2016
  • mdm9206
  • sd430_firmware
  • sdm439_firmware
  • sdx20_firmware
  • sd625_firmware
  • sd425
  • sd820_firmware
  • sdm632_firmware
  • sdx20
  • msm8996au
  • sd850
  • mdm9206_firmware
  • sd617
  • sd835_firmware
  • mdm9655
  • sd616
  • sdm660_firmware
  • sd650_firmware
  • sd845
  • mdm9615
  • sdm636_firmware
  • sd820
  • sd617_firmware
  • sdm636
  • mdm9640_firmware
  • sdm632
  • mdm9607
  • sd820a_firmware
  • sd616_firmware
  • sd450
  • sd410
  • sd600
  • sdm429_firmware
  • sd427_firmware
  • mdm9650
  • sd615_firmware
  • snapdragon_high_med_2016_firmware
  • sd820a
  • sd850_firmware
  • sd615
  • sd835
  • sdm630
  • sda660
  • mdm9640
  • sdm660
  • msm8996au_firmware
  • sd427
  • sd412_firmware
  • sd415_firmware
  • sdm630_firmware
  • mdm9607_firmware
  • sd450_firmware
  • sd205
  • sd210_firmware
  • sd650
  • sd435
  • sd652
  • sd600_firmware
  • sd652_firmware
  • sdm429
  • sd425_firmware
  • mdm9655_firmware
  • sdm439
  • sd212
  • sda660_firmware
  • sd412
  • sd415
  • mdm9615_firmware
  • mdm9650_firmware
  • sd625
  • sd410_firmware
  • sd435_firmware
  • sd210
  • sd205_firmware
  • sd845_firmware
  • sd212_firmware
  • sd430
CWE
CWE-129

Improper Validation of Array Index