Unrated severityNVD Advisory· Published May 24, 2019· Updated Aug 5, 2024
CVE-2018-11940
CVE-2018-11940
Description
Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130
Affected products
2- Qualcomm, Inc./Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobilev5Range: MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130
Patches
Vulnerability mechanics
References
1- www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletinmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.