Vulnerability Name: | CVE-2018-11982 (CCN-150199) |
Assigned: | 2018-09-04 |
Published: | 2018-09-04 |
Updated: | 2018-11-23 |
Summary: | In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure.
|
CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Adjacent Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): High Integrity (I): High Availibility (A): High | 9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): High Integrity (I): High Availibility (A): High |
|
CVSS v2 Severity: | 8.3 High (CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C)Exploitability Metrics: | Access Vector (AV): Adjacent_Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete | 10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete |
|
Vulnerability Type: | CWE-415
|
Vulnerability Consequences: | Gain Access |
References: | Source: MITRE Type: CNA CVE-2018-11982
Source: XF Type: UNKNOWN qualcomm-cve201811982-bo(150199)
Source: CCN Type: Qualcomm Web site Security Bulletins
Source: CONFIRM Type: Third Party Advisory https://www.qualcomm.com/company/product-security/bulletins
|
Vulnerable Configuration: | Configuration 1: cpe:/o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:mdm9206:-:*:*:*:*:*:*:* Configuration 2: cpe:/o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:mdm9607:-:*:*:*:*:*:*:* Configuration 3: cpe:/o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:mdm9635m:-:*:*:*:*:*:*:* Configuration 4: cpe:/o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:mdm9640:-:*:*:*:*:*:*:* Configuration 5: cpe:/o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:mdm9645:-:*:*:*:*:*:*:* Configuration 6: cpe:/o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:mdm9655:-:*:*:*:*:*:*:* Configuration 7: cpe:/o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:msm8909w:-:*:*:*:*:*:*:* Configuration 8: cpe:/o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:msm8996au:-:*:*:*:*:*:*:* Configuration 9: cpe:/o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd210:-:*:*:*:*:*:*:* Configuration 10: cpe:/o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd212:-:*:*:*:*:*:*:* Configuration 11: cpe:/o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd205:-:*:*:*:*:*:*:* Configuration 12: cpe:/o:qualcomm:sd410_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd410:-:*:*:*:*:*:*:* Configuration 13: cpe:/o:qualcomm:sd412_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd412:-:*:*:*:*:*:*:* Configuration 14: cpe:/o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd425:-:*:*:*:*:*:*:* Configuration 15: cpe:/o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd427:-:*:*:*:*:*:*:* Configuration 16: cpe:/o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd430:-:*:*:*:*:*:*:* Configuration 17: cpe:/o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd435:-:*:*:*:*:*:*:* Configuration 18: cpe:/o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd450:-:*:*:*:*:*:*:* Configuration 19: cpe:/o:qualcomm:sd615_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd615:-:*:*:*:*:*:*:* Configuration 20: cpe:/o:qualcomm:sd616_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd616:-:*:*:*:*:*:*:* Configuration 21: cpe:/o:qualcomm:sd415_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd415:-:*:*:*:*:*:*:* Configuration 22: cpe:/o:qualcomm:sd617_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd617:-:*:*:*:*:*:*:* Configuration 23: cpe:/o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd625:-:*:*:*:*:*:*:* Configuration 24: cpe:/o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd650:-:*:*:*:*:*:*:* Configuration 25: cpe:/o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd652:-:*:*:*:*:*:*:* Configuration 26: cpe:/o:qualcomm:sd810_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd810:-:*:*:*:*:*:*:* Configuration 27: cpe:/o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd820:-:*:*:*:*:*:*:* Configuration 28: cpe:/o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*AND cpe:/h:qualcomm:sd835:-:*:*:*:*:*:*:* Configuration CCN 1: cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:*
Denotes that component is vulnerable |
BACK |
qualcomm mdm9206 firmware -
qualcomm mdm9206 -
qualcomm mdm9607 firmware -
qualcomm mdm9607 -
qualcomm mdm9635m firmware -
qualcomm mdm9635m -
qualcomm mdm9640 firmware -
qualcomm mdm9640 -
qualcomm mdm9645 firmware -
qualcomm mdm9645 -
qualcomm mdm9655 firmware -
qualcomm mdm9655 -
qualcomm msm8909w firmware -
qualcomm msm8909w -
qualcomm msm8996au firmware -
qualcomm msm8996au -
qualcomm sd210 firmware -
qualcomm sd210 -
qualcomm sd212 firmware -
qualcomm sd212 -
qualcomm sd205 firmware -
qualcomm sd205 -
qualcomm sd410 firmware -
qualcomm sd410 -
qualcomm sd412 firmware -
qualcomm sd412 -
qualcomm sd425 firmware -
qualcomm sd425 -
qualcomm sd427 firmware -
qualcomm sd427 -
qualcomm sd430 firmware -
qualcomm sd430 -
qualcomm sd435 firmware -
qualcomm sd435 -
qualcomm sd450 firmware -
qualcomm sd450 -
qualcomm sd615 firmware -
qualcomm sd615 -
qualcomm sd616 firmware -
qualcomm sd616 -
qualcomm sd415 firmware -
qualcomm sd415 -
qualcomm sd617 firmware -
qualcomm sd617 -
qualcomm sd625 firmware -
qualcomm sd625 -
qualcomm sd650 firmware -
qualcomm sd650 -
qualcomm sd652 firmware -
qualcomm sd652 -
qualcomm sd810 firmware -
qualcomm sd810 -
qualcomm sd820 firmware -
qualcomm sd820 -
qualcomm sd835 firmware -
qualcomm sd835 -
qualcomm snapdragon mobile -