Vulnerability CVE-2018-5913 - CERT Civis.Net

Vulnerability Name:

CVE-2018-5913 (CCN-162622)

Assigned:

2018-01-19

Published:

2019-06-03

Updated:

2019-06-17

Summary:

A non-time constant function memcmp is used which creates a side channel that could leak information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2018-5913

Source: XF
Type: UNKNOWN
qualcomm-cve20185913-info-disc(162622)

Source: CCN
Type: Qualcomm Web site
Security bulletins

Source: CONFIRM
Type: Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins

Vulnerable Configuration:

Configuration 1:

cpe:/o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9150:-:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9625:-:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 7:

cpe:/o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 8:

cpe:/o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:mdm9655:-:*:*:*:*:*:*:*

Configuration 9:

cpe:/o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 10:

cpe:/o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 11:

cpe:/o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 12:

cpe:/o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:qcs605:-:*:*:*:*:*:*:*

Configuration 13:

cpe:/o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:qm215:-:*:*:*:*:*:*:*

Configuration 14:

cpe:/o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_210:-:*:*:*:*:*:*:*

Configuration 15:

cpe:/o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_212:-:*:*:*:*:*:*:*

Configuration 16:

cpe:/o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_205:-:*:*:*:*:*:*:*

Configuration 17:

cpe:/o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_410:-:*:*:*:*:*:*:*

Configuration 18:

cpe:/o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_412:-:*:*:*:*:*:*:*

Configuration 19:

cpe:/o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_425:-:*:*:*:*:*:*:*

Configuration 20:

cpe:/o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_427:-:*:*:*:*:*:*:*

Configuration 21:

cpe:/o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_430:-:*:*:*:*:*:*:*

Configuration 22:

cpe:/o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_435:-:*:*:*:*:*:*:*

Configuration 23:

cpe:/o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_439:-:*:*:*:*:*:*:*

Configuration 24:

cpe:/o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_429:-:*:*:*:*:*:*:*

Configuration 25:

cpe:/o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_450:-:*:*:*:*:*:*:*

Configuration 26:

cpe:/o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_615:-:*:*:*:*:*:*:*

Configuration 27:

cpe:/o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_616:-:*:*:*:*:*:*:*

Configuration 28:

cpe:/o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_415:-:*:*:*:*:*:*:*

Configuration 29:

cpe:/o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_625:-:*:*:*:*:*:*:*

Configuration 30:

cpe:/o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_632:-:*:*:*:*:*:*:*

Configuration 31:

cpe:/o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_636:-:*:*:*:*:*:*:*

Configuration 32:

cpe:/o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_650:-:*:*:*:*:*:*:*

Configuration 33:

cpe:/o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_652:-:*:*:*:*:*:*:*

Configuration 34:

cpe:/o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_675:-:*:*:*:*:*:*:*

Configuration 35:

cpe:/o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_712:-:*:*:*:*:*:*:*

Configuration 36:

cpe:/o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_710:-:*:*:*:*:*:*:*

Configuration 37:

cpe:/o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_670:-:*:*:*:*:*:*:*

Configuration 38:

cpe:/o:qualcomm:sd_730_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_730:-:*:*:*:*:*:*:*

Configuration 39:

cpe:/o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_820:-:*:*:*:*:*:*:*

Configuration 40:

cpe:/o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_820a:-:*:*:*:*:*:*:*

Configuration 41:

cpe:/o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_835:-:*:*:*:*:*:*:*

Configuration 42:

cpe:/o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_845:-:*:*:*:*:*:*:*

Configuration 43:

cpe:/o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_850:-:*:*:*:*:*:*:*

Configuration 44:

cpe:/o:qualcomm:sd_855_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_855:-:*:*:*:*:*:*:*

Configuration 45:

cpe:/o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*

Configuration 46:

cpe:/o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sda660:-:*:*:*:*:*:*:*

Configuration 47:

cpe:/o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sdm439:-:*:*:*:*:*:*:*

Configuration 48:

cpe:/o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sdm630:-:*:*:*:*:*:*:*

Configuration 49:

cpe:/o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sdm660:-:*:*:*:*:*:*:*

Configuration 50:

cpe:/o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*

Configuration 51:

cpe:/o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:qualcomm:sxr1130:-:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:*

OR cpe:/h:qualcomm:snapdragon_auto:-:*:*:*:*:*:*:*

OR cpe:/h:qualcomm:snapdragon_compute:-:*:*:*:*:*:*:*

OR cpe:/h:qualcomm:snapdragon_connectivity:-:*:*:*:*:*:*:*

OR cpe:/h:qualcomm:snapdragon_voice_&_music:-:*:*:*:*:*:*:*

Denotes that component is vulnerable