What is CVE-2018-11971?

CVE-2018-11971 is a vulnerability that may undermine access control policy in Snapdragon devices, leading to potential secure asset leakage.

Which software and devices are affected by CVE-2018-11971?

CVE-2018-11971 affects Qualcomm MDM9206, Qualcomm MDM9607, Qualcomm MDM9650, Qualcomm MDM9655, Qualcomm Qcs605, Qualcomm SD 410, Qualcomm SD 412, Qualcomm SD 615, Qualcomm SD 616, Qualcomm SD 415, Qualcomm SD 636, Qualcomm SD 712, Qualcomm SD 710, Qualcomm SD 670, Qualcomm SD 845, Qualcomm SD 850, Qualcomm SD 8cx, Qualcomm SDA660, Qualcomm SDM630, Qualcomm SDM660, Qualcomm SXR1130 devices.

What is the severity level of CVE-2018-11971?

The severity of CVE-2018-11971 is high (severity value: 5.5).

How can I fix the CVE-2018-11971 vulnerability?

To fix the CVE-2018-11971 vulnerability, it is recommended to apply the patches provided by Qualcomm and follow the recommendations mentioned in the Android security bulletin.

Where can I find more information about CVE-2018-11971?

You can find more information about CVE-2018-11971 in the Android security bulletin and the Qualcomm product security bulletins.

Vulnerability/
CVE-2018-11971

medium

5.5

CWE

200

4/3/2019

4/4/2019

26/8/2024

CVE-2018-11971: Infoleak

First published: Mon Mar 04 2019(Updated: )

Interrupt exit code flow may undermine access control policy set forth by secure world can lead to potential secure asset leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
Qualcomm MDM9206
Qualcomm MDM9206 firmware
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
Qualcomm MDM9650
Qualcomm MDM9650 firmware
Qualcomm MDM9655 firmware
Qualcomm MDM9655 firmware
Qualcomm ZZ QCS605 firmware
Qualcomm QCS605 Firmware
Qualcomm SD410 Firmware
Qualcomm Snapdragon 410
Qualcomm SD412 Firmware
Qualcomm SD412
Qualcomm SD615 Firmware
Qualcomm Snapdragon 615
Qualcomm SD 616 Firmware
Qualcomm Snapdragon 616
Qualcomm Snapdragon 415 Firmware
Qualcomm Snapdragon 415
Qualcomm SDM636 Firmware
Qualcomm Snapdragon 636
Qualcomm Snapdragon 712 Firmware
Qualcomm Snapdragon 712
qualcomm sdm710 firmware
Qualcomm Snapdragon 710
Qualcomm SDM670 Firmware
Qualcomm SDM670
Qualcomm SDA845 Firmware
Qualcomm SD845
Qualcomm SD850 Firmware
Qualcomm SD850
Qualcomm SD 8cx firmware
Qualcomm Snapdragon 8cx
Qualcomm SDA660
Qualcomm SDA660
qualcomm SDM630 firmware
qualcomm SDM630
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660
Qualcomm SXR1130
Qualcomm SXR1130 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-11971?
CVE-2018-11971 is a vulnerability that may undermine access control policy in Snapdragon devices, leading to potential secure asset leakage.
Which software and devices are affected by CVE-2018-11971?
CVE-2018-11971 affects Qualcomm MDM9206, Qualcomm MDM9607, Qualcomm MDM9650, Qualcomm MDM9655, Qualcomm Qcs605, Qualcomm SD 410, Qualcomm SD 412, Qualcomm SD 615, Qualcomm SD 616, Qualcomm SD 415, Qualcomm SD 636, Qualcomm SD 712, Qualcomm SD 710, Qualcomm SD 670, Qualcomm SD 845, Qualcomm SD 850, Qualcomm SD 8cx, Qualcomm SDA660, Qualcomm SDM630, Qualcomm SDM660, Qualcomm SXR1130 devices.
What is the severity level of CVE-2018-11971?
The severity of CVE-2018-11971 is high (severity value: 5.5).
How can I fix the CVE-2018-11971 vulnerability?
To fix the CVE-2018-11971 vulnerability, it is recommended to apply the patches provided by Qualcomm and follow the recommendations mentioned in the Android security bulletin.
Where can I find more information about CVE-2018-11971?
You can find more information about CVE-2018-11971 in the Android security bulletin and the Qualcomm product security bulletins.

agent/type
agent/first-publish-date
agent/references
agent/severity
agent/author
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
collector/android-source
source/Android
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/google
canonical/android
vendor/qualcomm
canonical/qualcomm mdm9206
canonical/qualcomm mdm9206 firmware
canonical/qualcomm md9607 firmware
canonical/qualcomm mdm9607 firmware
canonical/qualcomm mdm9650
canonical/qualcomm mdm9650 firmware
canonical/qualcomm mdm9655 firmware
canonical/qualcomm zz qcs605 firmware
canonical/qualcomm qcs605 firmware
canonical/qualcomm sd410 firmware
canonical/qualcomm snapdragon 410
canonical/qualcomm sd412 firmware
canonical/qualcomm sd412
canonical/qualcomm sd615 firmware
canonical/qualcomm snapdragon 615
canonical/qualcomm sd 616 firmware
canonical/qualcomm snapdragon 616
canonical/qualcomm snapdragon 415 firmware
canonical/qualcomm snapdragon 415
canonical/qualcomm sdm636 firmware
canonical/qualcomm snapdragon 636
canonical/qualcomm snapdragon 712 firmware
canonical/qualcomm snapdragon 712
canonical/qualcomm sdm710 firmware
canonical/qualcomm snapdragon 710
canonical/qualcomm sdm670 firmware
canonical/qualcomm sdm670
canonical/qualcomm sda845 firmware
canonical/qualcomm sd845
canonical/qualcomm sd850 firmware
canonical/qualcomm sd850
canonical/qualcomm sd 8cx firmware
canonical/qualcomm snapdragon 8cx
canonical/qualcomm sda660
canonical/qualcomm sdm630 firmware
canonical/qualcomm sdm630
canonical/qualcomm sd660 firmware
canonical/qualcomm snapdragon 660
canonical/qualcomm sxr1130
canonical/qualcomm sxr1130 firmware