When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.
References
Link | Resource |
---|---|
https://www.qualcomm.com/company/product-security/bulletins | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2018-10-29 11:29
Updated : 2018-12-07 07:05
NVD link : CVE-2018-11858
Mitre link : CVE-2018-11858
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
qualcomm
- sd_845
- sd_850_firmware
- sd_850
- sd_845_firmware
- sd_835
- sd_835_firmware