AndroidVulnerabilities.org

CVE-2018-11976

(json)

• CVE numbers: CVE-2018-11976 [Bulletin-CVE-2018-11976]
• Coordinated disclosure?: unknown
• Categories: Qualcomm closed-source components
• Details: ECDSA signature code leaks private keys from secure world to non-secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 [NIST-CVE-2018-11976]
• Discovered by: NCC Group [Discovery-CVE-2018-11976] on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-11976]
• Fixed on: Unknown
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-11976]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11976]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24