CVE-2018-11850
HIGHSnapdragon Automobile/Mobile/Wear < various - Buffer Overflow
Title source: llmDescription
Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107681
Scores
CVSS v3
7.8
EPSS
0.0004
EPSS Percentile
11.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (24)
qualcomm/mdm9206_firmware
qualcomm/mdm9607_firmware
qualcomm/mdm9640_firmware
qualcomm/mdm9650_firmware
qualcomm/msm8996au_firmware
qualcomm/qca6174a_firmware
qualcomm/qca6574au_firmware
qualcomm/qca6584_firmware
qualcomm/qca6584au_firmware
qualcomm/qca9377_firmware
... and 14 more
Published
Oct 26, 2018
Tracked Since
Feb 18, 2026