CVE-2018-5903
HIGHSnapdragon Auto/Mobile/Industrial/IoT - Out of bounds read
Title source: llmDescription
Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin
Scores
CVSS v3
7.8
EPSS
0.0011
EPSS Percentile
28.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-129
Status
published
Products (30)
qualcomm/mdm9206_firmware
qualcomm/mdm9607_firmware
qualcomm/mdm9640_firmware
qualcomm/mdm9650_firmware
qualcomm/msm8996au_firmware
qualcomm/qcs405_firmware
qualcomm/qcs605_firmware
qualcomm/sd_205_firmware
qualcomm/sd_210_firmware
qualcomm/sd_212_firmware
... and 20 more
Published
Jun 14, 2019
Tracked Since
Feb 18, 2026