CVE-2018-5917
Last modified
CVE-2018-5917 is a vulnerability of currently unknown severity. Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.. EPSS estimates a 0.26% chance of exploitation in the next 30 days.
Description
Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Msm8996au Firmware | All versions |
| Qualcomm | Sd 425 Firmware | All versions |
| Qualcomm | Sd 430 Firmware | All versions |
| Qualcomm | Sd 450 Firmware | All versions |
| Qualcomm | Sd 625 Firmware | All versions |
| Qualcomm | Sd 820 Firmware | All versions |
| Qualcomm | Sd 820a Firmware | All versions |
| Qualcomm | Sd 835 Firmware | All versions |
| Qualcomm | Sd 845 Firmware | All versions |
| Qualcomm | Sd 850 Firmware | All versions |
| Qualcomm | Sda660 Firmware | All versions |
| Qualcomm | Sda845 Firmware | All versions |
| Qualcomm | Sdx24 Firmware | All versions |
| Qualcomm | Sxr1130 Firmware | All versions |
References
- http://www.securityfocus.com/bid/105838Third Party Advisory, VDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/105838Third Party Advisory, VDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-5917?
How severe is CVE-2018-5917?
How do I fix CVE-2018-5917?
Are you affected by CVE-2018-5917?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST