CVE-2018-11287: Input Validation
First published: Tue Sep 04 2018(Updated: )
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm MDM9206 firmware | ||
| Qualcomm MDM9206 | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm MDM9607 | ||
| Qualcomm MDM9650 firmware | ||
| Qualcomm MDM9650 | ||
| Qualcomm MSM8909W | ||
| Qualcomm MSM8909W | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm sd210 firmware | ||
| Qualcomm sd210 | ||
| qualcomm sd212 firmware | ||
| qualcomm sd212 | ||
| Qualcomm sd205 firmware | ||
| Qualcomm sd205 | ||
| qualcomm sd425 firmware | ||
| qualcomm sd425 | ||
| qualcomm sd427 firmware | ||
| qualcomm sd427 | ||
| qualcomm sd430 firmware | ||
| qualcomm sd430 | ||
| qualcomm sd435 firmware | ||
| qualcomm sd435 | ||
| Qualcomm sd450 firmware | ||
| Qualcomm sd450 | ||
| qualcomm sd625 firmware | ||
| qualcomm sd625 | ||
| qualcomm sd650 firmware | ||
| qualcomm sd650 | ||
| qualcomm sd652 firmware | ||
| qualcomm sd652 | ||
| qualcomm sd820 Firmware | ||
| qualcomm sd820 | ||
| qualcomm sd820a firmware | ||
| qualcomm sd820a | ||
| Qualcomm sd835 firmware | ||
| Qualcomm sd835 | ||
| Qualcomm sd845 firmware | ||
| Qualcomm sd845 | ||
| qualcomm sd850 firmware | ||
| qualcomm sd850 | ||
| qualcomm SDA660 firmware | ||
| qualcomm SDA660 | ||
| qualcomm SDM429 firmware | ||
| qualcomm SDM429 | ||
| qualcomm SDM439 firmware | ||
| qualcomm SDM439 | ||
| qualcomm SDM630 firmware | ||
| qualcomm SDM630 | ||
| qualcomm SDM632 firmware | ||
| qualcomm SDM632 | ||
| qualcomm SDM636 firmware | ||
| qualcomm SDM636 | ||
| qualcomm SDM660 firmware | ||
| qualcomm SDM660 | ||
| qualcomm sdm710 firmware | ||
| qualcomm sdm710 | ||
| Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-11287?
CVE-2018-11287 is a vulnerability in Snapdragon (Automobile, Mobile, Wear) in multiple Qualcomm products that could allow an attacker to execute arbitrary code within the context of the kernel.
What is the severity of CVE-2018-11287?
CVE-2018-11287 has a severity rating of 9.8 out of 10, which is classified as critical.
Which software and devices are affected by CVE-2018-11287?
CVE-2018-11287 affects multiple Qualcomm products including MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, and SDM710.
How can I fix CVE-2018-11287?
To fix CVE-2018-11287, it is recommended to apply the relevant patches provided by Qualcomm and Google.
Where can I find more information about CVE-2018-11287?
More information about CVE-2018-11287 can be found on the Google Android Security Bulletin, Qualcomm Product Security Bulletins, and the official Android documentation.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/last-modified-date
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- vendor/qualcomm
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9607
- canonical/qualcomm mdm9650 firmware
- canonical/qualcomm mdm9650
- canonical/qualcomm msm8909w
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm sd210 firmware
- canonical/qualcomm sd210
- canonical/qualcomm sd212 firmware
- canonical/qualcomm sd212
- canonical/qualcomm sd205 firmware
- canonical/qualcomm sd205
- canonical/qualcomm sd425 firmware
- canonical/qualcomm sd425
- canonical/qualcomm sd427 firmware
- canonical/qualcomm sd427
- canonical/qualcomm sd430 firmware
- canonical/qualcomm sd430
- canonical/qualcomm sd435 firmware
- canonical/qualcomm sd435
- canonical/qualcomm sd450 firmware
- canonical/qualcomm sd450
- canonical/qualcomm sd625 firmware
- canonical/qualcomm sd625
- canonical/qualcomm sd650 firmware
- canonical/qualcomm sd650
- canonical/qualcomm sd652 firmware
- canonical/qualcomm sd652
- canonical/qualcomm sd820 firmware
- canonical/qualcomm sd820
- canonical/qualcomm sd820a firmware
- canonical/qualcomm sd820a
- canonical/qualcomm sd835 firmware
- canonical/qualcomm sd835
- canonical/qualcomm sd845 firmware
- canonical/qualcomm sd845
- canonical/qualcomm sd850 firmware
- canonical/qualcomm sd850
- canonical/qualcomm sda660 firmware
- canonical/qualcomm sda660
- canonical/qualcomm sdm429 firmware
- canonical/qualcomm sdm429
- canonical/qualcomm sdm439 firmware
- canonical/qualcomm sdm439
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm sdm630
- canonical/qualcomm sdm632 firmware
- canonical/qualcomm sdm632
- canonical/qualcomm sdm636 firmware
- canonical/qualcomm sdm636
- canonical/qualcomm sdm660 firmware
- canonical/qualcomm sdm660
- canonical/qualcomm sdm710 firmware
- canonical/qualcomm sdm710
- vendor/google
- canonical/android