AndroidVulnerabilities.org

CVE-2018-11940

(json)

• CVE numbers: CVE-2018-11940 [Bulletin-CVE-2018-11940]
• Coordinated disclosure?: unknown
• Categories: Qualcomm components
• Details: Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130 [NIST-CVE-2018-11940]
• Discovered by: Pengfei Ding (丁鹏飞) of Huawei [Discovery-CVE-2018-11940] on: Unknown
• Reported on: 2019-04-01 [Bulletin-CVE-2018-11940]
• Fixed on: 2018-06-08 [QC-CR#2254946]
• Fix released on: 2019-04-05 [Bulletin-CVE-2018-11940]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2018-11940]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24