CVE-2018-13912
Last modified
CVE-2018-13912 is a vulnerability of currently unknown severity. Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24.. EPSS estimates a 0.20% chance of exploitation in the next 30 days.
Description
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Snapdragon Auto Firmware | All versions |
| Qualcomm | Snapdragon Connectivity Firmware | All versions |
| Qualcomm | Snapdragon Consumer Internet Of Things Firmware | All versions |
| Qualcomm | Snapdragon Industrial Internet Of Things Firmware | All versions |
| Qualcomm | Snapdragon Mobile Firmware | All versions |
| Qualcomm | Snapdragon Voice \& Music Firmware | All versions |
| Qualcomm | Mdm9150 Firmware | All versions |
| Qualcomm | Mdm9206 Firmware | All versions |
| Qualcomm | Mdm9607 Firmware | All versions |
| Qualcomm | Mdm9640 Firmware | All versions |
| Qualcomm | Mdm9650 Firmware | All versions |
| Qualcomm | Msm8909w Firmware | All versions |
| Qualcomm | Msm8996au Firmware | All versions |
| Qualcomm | Qcs605 Firmware | All versions |
| Qualcomm | Sd 210 Firmware | All versions |
| Qualcomm | Sd 212 Firmware | All versions |
| Qualcomm | Sd 205 Firmware | All versions |
| Qualcomm | Sd 425 Firmware | All versions |
| Qualcomm | Sd 439 Firmware | All versions |
| Qualcomm | Sd 429 Firmware | All versions |
| Qualcomm | Sd 625 Firmware | All versions |
| Qualcomm | Sd 636 Firmware | All versions |
| Qualcomm | Sd 712 Firmware | All versions |
| Qualcomm | Sd 710 Firmware | All versions |
| Qualcomm | Sd 670 Firmware | All versions |
| Qualcomm | Sd 820 Firmware | All versions |
| Qualcomm | Sd 820a Firmware | All versions |
| Qualcomm | Sd 835 Firmware | All versions |
| Qualcomm | Sd 845 Firmware | All versions |
| Qualcomm | Sd 850 Firmware | All versions |
| Qualcomm | Sda660 Firmware | All versions |
| Qualcomm | Sdm439 Firmware | All versions |
| Qualcomm | Sdm630 Firmware | All versions |
| Qualcomm | Sdm660 Firmware | All versions |
| Qualcomm | Sdx20 Firmware | All versions |
| Qualcomm | Sdx24 Firmware | All versions |
References
- https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletinPatch, Third Party Advisory
- https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletinPatch, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-13912?
How severe is CVE-2018-13912?
How do I fix CVE-2018-13912?
Are you affected by CVE-2018-13912?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST