← Back

CVE-2018-11838

nvd nist
Published: Mar 5, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20

Affected (6)

Qualcomm
6 products
Apq8053 Firmware
Mdm9640 Firmware
Sda660 Firmware
Sdm636 Firmware
Sdm660 Firmware
Sdx20 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8053 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8053
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mdm9640 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Mdm9640
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sda660 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sda660
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm636 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm636
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm660 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm660
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx20 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdx20
All versions

Related CWEs

CWE-415
Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (2)

Source: product-security@qualcomm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.