Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveQualcommCVE-2018-11982
HistorySep 20, 2018 - 1:29 p.m.

CVE-2018-11982

2018-09-2013:29:02
CWE-415
qualcomm
web.nvd.nist.gov
25
snapdragon
asn1
vulnerability
heap memory
security
cve-2018-11982

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure.

Affected configurations

Nvd
Node
qualcommmdm9206_firmwareMatch-
AND
qualcommmdm9206Match-
Node
qualcommmdm9607_firmwareMatch-
AND
qualcommmdm9607Match-
Node
qualcommmdm9635m_firmwareMatch-
AND
qualcommmdm9635mMatch-
Node
qualcommmdm9640_firmwareMatch-
AND
qualcommmdm9640Match-
Node
qualcommmdm9645_firmwareMatch-
AND
qualcommmdm9645Match-
Node
qualcommmdm9655_firmwareMatch-
AND
qualcommmdm9655Match-
Node
qualcommmsm8909w_firmwareMatch-
AND
qualcommmsm8909wMatch-
Node
qualcommmsm8996au_firmwareMatch-
AND
qualcommmsm8996auMatch-
Node
qualcommsd210_firmwareMatch-
AND
qualcommsd210Match-
Node
qualcommsd212_firmwareMatch-
AND
qualcommsd212Match-
Node
qualcommsd205_firmwareMatch-
AND
qualcommsd205Match-
Node
qualcommsd410_firmwareMatch-
AND
qualcommsd410Match-
Node
qualcommsd412_firmwareMatch-
AND
qualcommsd412Match-
Node
qualcommsd425_firmwareMatch-
AND
qualcommsd425Match-
Node
qualcommsd427_firmwareMatch-
AND
qualcommsd427Match-
Node
qualcommsd430_firmwareMatch-
AND
qualcommsd430Match-
Node
qualcommsd435_firmwareMatch-
AND
qualcommsd435Match-
Node
qualcommsd450_firmwareMatch-
AND
qualcommsd450Match-
Node
qualcommsd615_firmwareMatch-
AND
qualcommsd615Match-
Node
qualcommsd616_firmwareMatch-
AND
qualcommsd616Match-
Node
qualcommsd415_firmwareMatch-
AND
qualcommsd415Match-
Node
qualcommsd617_firmwareMatch-
AND
qualcommsd617Match-
Node
qualcommsd625_firmwareMatch-
AND
qualcommsd625Match-
Node
qualcommsd650_firmwareMatch-
AND
qualcommsd650Match-
Node
qualcommsd652_firmwareMatch-
AND
qualcommsd652Match-
Node
qualcommsd810_firmwareMatch-
AND
qualcommsd810Match-
Node
qualcommsd820_firmwareMatch-
AND
qualcommsd820Match-
Node
qualcommsd835_firmwareMatch-
AND
qualcommsd835Match-
VendorProductVersionCPE
qualcommmdm9206_firmware-cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
qualcommmdm9206-cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
qualcommmdm9607_firmware-cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
qualcommmdm9607-cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
qualcommmdm9635m_firmware-cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
qualcommmdm9635m-cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*
qualcommmdm9640_firmware-cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
qualcommmdm9640-cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
qualcommmdm9645_firmware-cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*
qualcommmdm9645-cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 561

CNA Affected

[
  {
    "product": "Snapdragon Mobile, Snapdragon Wear",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
      }
    ]
  }
]

Related

nvd 1
cvelist 1
prion 1
nvd
nvd
CVE-2018-11982
2018-09-20 13:29:02
cvelist
cvelist
CVE-2018-11982
2018-09-20 13:00:00
prion
prion
Double free
2018-09-20 13:29:00

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON
Related for CVE-2018-11982
nvd1cvelist1prion1