CVE-2018-11287: Input Validation
First published: Tue Sep 04 2018(Updated: )
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm MDM9206 | ||
| Qualcomm MDM9206 firmware | ||
| Qualcomm MD9607 Firmware | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm MDM9650 | ||
| Qualcomm MDM9650 firmware | ||
| Qualcomm 8909 Firmware | ||
| Qualcomm Snapdragon 8909 | ||
| qualcomm MSM8996AU firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm SD 210 Firmware | ||
| Qualcomm SD210 Firmware | ||
| Qualcomm SD 212 Firmware | ||
| Qualcomm SD 212 | ||
| Qualcomm 205 Firmware | ||
| Qualcomm Snapdragon 205 | ||
| Qualcomm SD425 Firmware | ||
| Qualcomm Snapdragon 425 | ||
| Qualcomm SD 427 firmware | ||
| Qualcomm SD427 Firmware | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm Snapdragon 430 | ||
| Qualcomm Snapdragon 435 Firmware | ||
| Qualcomm Snapdragon 435 | ||
| Qualcomm SD 450 Firmware | ||
| Qualcomm Snapdragon 450 | ||
| Qualcomm SD 625 Firmware | ||
| Qualcomm Snapdragon 625 | ||
| Qualcomm SD 650 Firmware | ||
| Qualcomm Snapdragon 650 | ||
| Qualcomm SD 652 Firmware | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD 820 Firmware | ||
| Qualcomm Snapdragon 820 | ||
| Qualcomm SD 820A firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm Snapdragon 835 | ||
| Qualcomm Snapdragon 835 | ||
| Qualcomm SDA845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SD850 Firmware | ||
| Qualcomm Snapdragon 850 | ||
| Qualcomm SDA660 | ||
| Qualcomm SDA660 | ||
| Qualcomm SDM429W | ||
| Qualcomm SD429 | ||
| Qualcomm SDM439 Firmware | ||
| Qualcomm SDM439 Firmware | ||
| Qualcomm SDM630 | ||
| Qualcomm SDM630 Firmware | ||
| Qualcomm SDM632 Firmware | ||
| Qualcomm SDM632 Firmware | ||
| Qualcomm SD 636 Firmware | ||
| Qualcomm SDM636 Firmware | ||
| Qualcomm SD660 Firmware | ||
| Qualcomm Snapdragon 660 | ||
| Qualcomm SD 710 Firmware | ||
| Qualcomm Snapdragon 710 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-11287?
CVE-2018-11287 is a vulnerability in Snapdragon (Automobile, Mobile, Wear) in multiple Qualcomm products that could allow an attacker to execute arbitrary code within the context of the kernel.
What is the severity of CVE-2018-11287?
CVE-2018-11287 has a severity rating of 9.8 out of 10, which is classified as critical.
Which software and devices are affected by CVE-2018-11287?
CVE-2018-11287 affects multiple Qualcomm products including MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, and SDM710.
How can I fix CVE-2018-11287?
To fix CVE-2018-11287, it is recommended to apply the relevant patches provided by Qualcomm and Google.
Where can I find more information about CVE-2018-11287?
More information about CVE-2018-11287 can be found on the Google Android Security Bulletin, Qualcomm Product Security Bulletins, and the official Android documentation.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/last-modified-date
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm md9607 firmware
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9650
- canonical/qualcomm mdm9650 firmware
- canonical/qualcomm 8909 firmware
- canonical/qualcomm snapdragon 8909
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm sd 210 firmware
- canonical/qualcomm sd210 firmware
- canonical/qualcomm sd 212 firmware
- canonical/qualcomm sd 212
- canonical/qualcomm 205 firmware
- canonical/qualcomm snapdragon 205
- canonical/qualcomm sd425 firmware
- canonical/qualcomm snapdragon 425
- canonical/qualcomm sd 427 firmware
- canonical/qualcomm sd427 firmware
- canonical/qualcomm sd 430 firmware
- canonical/qualcomm snapdragon 430
- canonical/qualcomm snapdragon 435 firmware
- canonical/qualcomm snapdragon 435
- canonical/qualcomm sd 450 firmware
- canonical/qualcomm snapdragon 450
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm snapdragon 625
- canonical/qualcomm sd 650 firmware
- canonical/qualcomm snapdragon 650
- canonical/qualcomm sd 652 firmware
- canonical/qualcomm sd652 firmware
- canonical/qualcomm sd 820 firmware
- canonical/qualcomm snapdragon 820
- canonical/qualcomm sd 820a firmware
- canonical/qualcomm sd820a firmware
- canonical/qualcomm snapdragon 835
- canonical/qualcomm sda845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sd850 firmware
- canonical/qualcomm snapdragon 850
- canonical/qualcomm sda660
- canonical/qualcomm sdm429w
- canonical/qualcomm sd429
- canonical/qualcomm sdm439 firmware
- canonical/qualcomm sdm630
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm sdm632 firmware
- canonical/qualcomm sd 636 firmware
- canonical/qualcomm sdm636 firmware
- canonical/qualcomm sd660 firmware
- canonical/qualcomm snapdragon 660
- canonical/qualcomm sd 710 firmware
- canonical/qualcomm snapdragon 710