CVE-2018-11858

When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-10-29 18:29

Updated : 2024-02-28 16:48


NVD link : CVE-2018-11858

Mitre link : CVE-2018-11858

CVE.ORG link : CVE-2018-11858


JSON object : View

Products Affected

qualcomm

  • sd_850_firmware
  • sd_850
  • sd_835
  • sd_845
  • sd_835_firmware
  • sd_845_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer