First published: Thu Apr 04 2019(Updated: )
Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm Mdm9206 Firmware | ||
Qualcomm Mdm9206 | ||
Qualcomm Mdm9607 Firmware | ||
Qualcomm Mdm9607 | ||
Qualcomm Mdm9650 Firmware | ||
Qualcomm Mdm9650 | ||
Qualcomm Mdm9655 Firmware | ||
Qualcomm Mdm9655 | ||
Qualcomm Msm8996au Firmware | ||
Qualcomm Msm8996au | ||
Qualcomm Sd 410 Firmware | ||
Qualcomm Sd 410 | ||
Qualcomm Sd 412 Firmware | ||
Qualcomm Sd 412 | ||
Qualcomm Sd 820a Firmware | ||
Qualcomm Sd 820a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-11830.
The severity of CVE-2018-11830 is high with a severity value of 7.8.
The affected software includes Qualcomm Mdm9206 Firmware, Qualcomm Mdm9650 Firmware, Qualcomm Mdm9655 Firmware, and Qualcomm Sd 410 Firmware.
CVE-2018-11830 occurs due to improper input validation in the QCPE create function, leading to an integer overflow.
You can find more information about CVE-2018-11830 on the Qualcomm Product Security Bulletins page at https://www.qualcomm.com/company/product-security/bulletins.