Vulnerability Name: CVE-2018-11288 (CCN-155937) Assigned: 2018-05-18 Published: 2019-01-07 Updated: 2019-01-25 Summary: Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130 CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): HighAvailibility (A): None
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): CompleteAvailibility (A): None
Vulnerability Type: CWE-129 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2018-11288 qualcomm-cve201811288-unspecified(155937) Security Bulletins https://www.qualcomm.com/company/product-security/bulletins Vulnerable Configuration: Configuration 1 :cpe:/o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9206:-:*:*:*:*:*:*:* Configuration 2 :cpe:/o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9607:-:*:*:*:*:*:*:* Configuration 3 :cpe:/o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9650:-:*:*:*:*:*:*:* Configuration 4 :cpe:/o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9655:-:*:*:*:*:*:*:* Configuration 5 :cpe:/o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:msm8996au:-:*:*:*:*:*:*:* Configuration 6 :cpe:/o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_210:-:*:*:*:*:*:*:* Configuration 7 :cpe:/o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_212:-:*:*:*:*:*:*:* Configuration 8 :cpe:/o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_205:-:*:*:*:*:*:*:* Configuration 9 :cpe:/o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_410:-:*:*:*:*:*:*:* Configuration 10 :cpe:/o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_412:-:*:*:*:*:*:*:* Configuration 11 :cpe:/o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_712:-:*:*:*:*:*:*:* Configuration 12 :cpe:/o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_710:-:*:*:*:*:*:*:* Configuration 13 :cpe:/o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_670:-:*:*:*:*:*:*:* Configuration 14 :cpe:/o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_820:-:*:*:*:*:*:*:* Configuration 15 :cpe:/o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_820a:-:*:*:*:*:*:*:* Configuration 16 :cpe:/o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_835:-:*:*:*:*:*:*:* Configuration 17 :cpe:/o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_845:-:*:*:*:*:*:*:* Configuration 18 :cpe:/o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_850:-:*:*:*:*:*:*:* Configuration 19 :cpe:/o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sdx24:-:*:*:*:*:*:*:* Configuration 20 :cpe:/o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sxr1130:-:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:* BACK
qualcomm mdm9206 firmware -
qualcomm mdm9206 -
qualcomm mdm9607 firmware -
qualcomm mdm9607 -
qualcomm mdm9650 firmware -
qualcomm mdm9650 -
qualcomm mdm9655 firmware -
qualcomm mdm9655 -
qualcomm msm8996au firmware -
qualcomm msm8996au -
qualcomm sd 210 firmware -
qualcomm sd 210 -
qualcomm sd 212 firmware -
qualcomm sd 212 -
qualcomm sd 205 firmware -
qualcomm sd 205 -
qualcomm sd 410 firmware -
qualcomm sd 410 -
qualcomm sd 412 firmware -
qualcomm sd 412 -
qualcomm sd 712 firmware -
qualcomm sd 712 -
qualcomm sd 710 firmware -
qualcomm sd 710 -
qualcomm sd 670 firmware -
qualcomm sd 670 -
qualcomm sd 820 firmware -
qualcomm sd 820 -
qualcomm sd 820a firmware -
qualcomm sd 820a -
qualcomm sd 835 firmware -
qualcomm sd 835 -
qualcomm sd 845 firmware -
qualcomm sd 845 -
qualcomm sd 850 firmware -
qualcomm sd 850 -
qualcomm sdx24 firmware -
qualcomm sdx24 -
qualcomm sxr1130 firmware -
qualcomm sxr1130 -
qualcomm snapdragon mobile -
Denotes that component is vulnerable