CVE-2018-11982

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2018-11982
In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure.

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

8.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:A/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 6.5 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd212:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sd410_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd410:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sd412_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd412:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sd615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd615:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sd616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd616:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:sd415_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd415:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:sd617_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd617:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd625:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd650:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd652:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:sd810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd810:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*
Information

Published : 2018-09-20 06:29

Updated : 2018-11-23 10:07

NVD link : CVE-2018-11982

Mitre link : CVE-2018-11982

JSON object : View

CWE
CWE-415

Double Free

Advertisement

dedicated server usa
Products Affected

qualcomm

  • sd205
  • sd427
  • sd205_firmware
  • mdm9607
  • sd652
  • sd410
  • sd435
  • msm8909w
  • sd410_firmware
  • mdm9607_firmware
  • sd617_firmware
  • sd210
  • sd615_firmware
  • sd616
  • mdm9640_firmware
  • sd415_firmware
  • sd650_firmware
  • sd820
  • sd652_firmware
  • sd835
  • sd425_firmware
  • sd450_firmware
  • mdm9206_firmware
  • mdm9645
  • mdm9206
  • sd616_firmware
  • sd617
  • sd625
  • mdm9655_firmware
  • mdm9635m
  • mdm9645_firmware
  • sd810
  • sd212
  • sd625_firmware
  • msm8996au_firmware
  • sd212_firmware
  • sd835_firmware
  • mdm9635m_firmware
  • mdm9640
  • sd430_firmware
  • sd430
  • sd615
  • sd425
  • sd415
  • sd820_firmware
  • sd810_firmware
  • sd412_firmware
  • sd435_firmware
  • sd650
  • sd427_firmware
  • mdm9655
  • sd450
  • msm8996au
  • sd412
  • msm8909w_firmware
  • sd210_firmware