What is the severity of CVE-2018-13905?

CVE-2018-13905 has a medium severity rating due to its potential to lead to use after free vulnerabilities.

How do I fix CVE-2018-13905?

To mitigate CVE-2018-13905, it is recommended to apply the latest security patches provided by Qualcomm or your device manufacturer.

Which devices are affected by CVE-2018-13905?

CVE-2018-13905 affects a range of Qualcomm Snapdragon devices, including MDM9206, MDM9607, and various Snapdragon series.

What kind of vulnerability is CVE-2018-13905?

CVE-2018-13905 is classified as a use after free vulnerability resulting from improper handling of syncsource locks.

Can CVE-2018-13905 be exploited remotely?

Yes, CVE-2018-13905 could potentially be exploited remotely if an attacker has access to the affected device's software.

Vulnerability/
CVE-2018-13905

high

7.8

CWE

416

4/2/2019

25/2/2019

26/8/2024

CVE-2018-13905: Use After Free

First published: Mon Feb 04 2019(Updated: )

KGSL syncsource lock not handled properly during syncsource cleanup can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, SD 210/SD 212/SD 205, SD 439 / SD 429, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
Qualcomm MDM9206
Qualcomm MDM9206 firmware
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
Qualcomm MDM9650
Qualcomm MDM9650 firmware
Qualcomm MSM8909W
Qualcomm Snapdragon 8909
Qualcomm ZZ QCS605 firmware
Qualcomm QCS605 Firmware
Qualcomm SD210 Firmware
Qualcomm SD 210 Firmware
Qualcomm SD 212
Qualcomm SD 212 Firmware
Qualcomm SD205 Firmware
Qualcomm SD205 Firmware
Qualcomm SD 439
Qualcomm SD 439 firmware
Qualcomm SD429 Firmware
Qualcomm SD 429 Firmware
Qualcomm Snapdragon 712 Firmware
Qualcomm Snapdragon 712
qualcomm sdm710 firmware
Qualcomm Snapdragon 710
Qualcomm SDM670 Firmware
Qualcomm SDM670
Qualcomm SD820A Firmware
Qualcomm SD820A Firmware
Qualcomm SDA845 Firmware
Qualcomm SD845
Qualcomm SD850 Firmware
Qualcomm SD850
Qualcomm SD855 Firmware
Qualcomm SD855 Firmware
qualcomm SDM439 firmware
Qualcomm SDM439 Firmware
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660
Qualcomm SDX24
Qualcomm SDX24

Remedy

https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-13905?
CVE-2018-13905 has a medium severity rating due to its potential to lead to use after free vulnerabilities.
How do I fix CVE-2018-13905?
To mitigate CVE-2018-13905, it is recommended to apply the latest security patches provided by Qualcomm or your device manufacturer.
Which devices are affected by CVE-2018-13905?
CVE-2018-13905 affects a range of Qualcomm Snapdragon devices, including MDM9206, MDM9607, and various Snapdragon series.
What kind of vulnerability is CVE-2018-13905?
CVE-2018-13905 is classified as a use after free vulnerability resulting from improper handling of syncsource locks.
Can CVE-2018-13905 be exploited remotely?
Yes, CVE-2018-13905 could potentially be exploited remotely if an attacker has access to the affected device's software.

agent/references
agent/type
agent/first-publish-date
agent/description
agent/weakness
agent/author
agent/severity
agent/remedy
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
collector/android-source
source/Android
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/google
canonical/android
vendor/qualcomm
canonical/qualcomm mdm9206
canonical/qualcomm mdm9206 firmware
canonical/qualcomm md9607 firmware
canonical/qualcomm mdm9607 firmware
canonical/qualcomm mdm9650
canonical/qualcomm mdm9650 firmware
canonical/qualcomm msm8909w
canonical/qualcomm snapdragon 8909
canonical/qualcomm zz qcs605 firmware
canonical/qualcomm qcs605 firmware
canonical/qualcomm sd210 firmware
canonical/qualcomm sd 210 firmware
canonical/qualcomm sd 212
canonical/qualcomm sd 212 firmware
canonical/qualcomm sd205 firmware
canonical/qualcomm sd 439
canonical/qualcomm sd 439 firmware
canonical/qualcomm sd429 firmware
canonical/qualcomm sd 429 firmware
canonical/qualcomm snapdragon 712 firmware
canonical/qualcomm snapdragon 712
canonical/qualcomm sdm710 firmware
canonical/qualcomm snapdragon 710
canonical/qualcomm sdm670 firmware
canonical/qualcomm sdm670
canonical/qualcomm sd820a firmware
canonical/qualcomm sda845 firmware
canonical/qualcomm sd845
canonical/qualcomm sd850 firmware
canonical/qualcomm sd850
canonical/qualcomm sd855 firmware
canonical/qualcomm sdm439 firmware
canonical/qualcomm sd660 firmware
canonical/qualcomm snapdragon 660
canonical/qualcomm sdx24