What is CVE-2018-13914?

CVE-2018-13914 is a vulnerability that allows an attacker to cause an out-of-bound array issue in certain Qualcomm Snapdragon devices.

Which software versions are affected by CVE-2018-13914?

CVE-2018-13914 affects Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, and MSM8996AU, as well as SD 210, SD 212, and SD 205.

What is the severity of CVE-2018-13914?

The severity of CVE-2018-13914 is high with a CVSS score of 7.8.

How can I fix CVE-2018-13914?

To fix CVE-2018-13914, it is recommended to apply the necessary security updates provided by Qualcomm.

Where can I find more information about CVE-2018-13914?

You can find more information about CVE-2018-13914 in the February 2019 Code Aurora Security Bulletin issued by Qualcomm.

Vulnerability/
CVE-2018-13914

high

7.8

CWE

119 20

25/2/2019

5/8/2024

CVE-2018-13914: Buffer Overflow

First published: Mon Feb 25 2019(Updated: )

Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 636, SD 820A, SD 835, SDM630, SDM660, SDX20.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
qualcomm Snapdragon Auto firmware
Qualcomm Snapdragon Auto
Qualcomm Snapdragon Consumer Internet of Things Firmware
Qualcomm Snapdragon
Qualcomm Snapdragon Industrial Internet of Things
Qualcomm Snapdragon
Qualcomm MDM9150 firmware
Qualcomm MDM9150 firmware
Qualcomm MDM9206
Qualcomm MDM9206 firmware
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
Qualcomm MDM9650
Qualcomm MDM9650 firmware
Qualcomm MSM8909W
Qualcomm Snapdragon 8909
qualcomm MSM8996AU firmware
Qualcomm MSM8996AU Firmware
Qualcomm SD210 Firmware
Qualcomm SD 210 Firmware
Qualcomm SD 212
Qualcomm SD 212 Firmware
Qualcomm SD205 Firmware
Qualcomm SD205 Firmware
Qualcomm SDM636 Firmware
Qualcomm Snapdragon 636
Qualcomm SD820A Firmware
Qualcomm SD820A Firmware
Qualcomm SD835 Firmware
Qualcomm Snapdragon 835
qualcomm SDM630 firmware
qualcomm SDM630
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware

Remedy

https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin

Never miss a vulnerability like this again

Reference Links

https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin

Frequently Asked Questions

What is CVE-2018-13914?
CVE-2018-13914 is a vulnerability that allows an attacker to cause an out-of-bound array issue in certain Qualcomm Snapdragon devices.
Which software versions are affected by CVE-2018-13914?
CVE-2018-13914 affects Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, and MSM8996AU, as well as SD 210, SD 212, and SD 205.
What is the severity of CVE-2018-13914?
The severity of CVE-2018-13914 is high with a CVSS score of 7.8.
How can I fix CVE-2018-13914?
To fix CVE-2018-13914, it is recommended to apply the necessary security updates provided by Qualcomm.
Where can I find more information about CVE-2018-13914?
You can find more information about CVE-2018-13914 in the February 2019 Code Aurora Security Bulletin issued by Qualcomm.

agent/weakness
agent/type
agent/first-publish-date
agent/remedy
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/references
agent/description
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/qualcomm
canonical/qualcomm snapdragon auto firmware
canonical/qualcomm snapdragon auto
canonical/qualcomm snapdragon consumer internet of things firmware
canonical/qualcomm snapdragon
canonical/qualcomm snapdragon industrial internet of things
canonical/qualcomm mdm9150 firmware
canonical/qualcomm mdm9206
canonical/qualcomm mdm9206 firmware
canonical/qualcomm md9607 firmware
canonical/qualcomm mdm9607 firmware
canonical/qualcomm mdm9650
canonical/qualcomm mdm9650 firmware
canonical/qualcomm msm8909w
canonical/qualcomm snapdragon 8909
canonical/qualcomm msm8996au firmware
canonical/qualcomm sd210 firmware
canonical/qualcomm sd 210 firmware
canonical/qualcomm sd 212
canonical/qualcomm sd 212 firmware
canonical/qualcomm sd205 firmware
canonical/qualcomm sdm636 firmware
canonical/qualcomm snapdragon 636
canonical/qualcomm sd820a firmware
canonical/qualcomm sd835 firmware
canonical/qualcomm snapdragon 835
canonical/qualcomm sdm630 firmware
canonical/qualcomm sdm630
canonical/qualcomm sd660 firmware
canonical/qualcomm snapdragon 660
canonical/qualcomm sdx20 firmware