CVE-2018-11838

HIGH

Snapdragon - Memory Corruption

Title source: llm

Description

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20

References (1)

[Patch, Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin

Scores

CVSS v3 7.8

EPSS 0.0009

EPSS Percentile 26.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (6)

qualcomm/apq8053_firmware

qualcomm/mdm9640_firmware

qualcomm/sda660_firmware

qualcomm/sdm636_firmware

qualcomm/sdm660_firmware

qualcomm/sdx20_firmware

Timeline

Published Mar 05, 2020

Tracked Since Feb 18, 2026