CVE-2018-11970

Published: Apr 4, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130

Affected (18)

Products: Qualcomm: Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware, Mdm9655 Firmware, Qcs605 Firmware, Sd 410 Firmware, Sd 412 Firmware, Sd 636 Firmware, Sd 712 Firmware, Sd 710 Firmware, Sd 670 Firmware, Sd 845 Firmware, Sd 850 Firmware, Sd 8cx Firmware, Sda660 Firmware, Sdm630 Firmware, Sdm660 Firmware, Sxr1130 Firmware

18 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9206 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9206	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9607 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9607	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9650	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9655 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9655	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs605 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs605	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 410 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 410	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 412 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 412	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 636 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 636	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 712 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 712	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 710	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 670 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 670	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 845	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 850	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 8cx Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 8cx	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sda660 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sda660	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm630 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm630	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm660 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm660	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr1130 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr1130	All versions

References (2)

https://www.qualcomm.com/company/product-security/bulletins

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.