CVE-2018-5868: Buffer Overflow
First published: Mon Dec 03 2018(Updated: )
Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| qualcomm MSM8996AU firmware | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm SDR425 Firmware | ||
| Qualcomm Snapdragon 425 | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SDM450 Firmware | ||
| Qualcomm SDM450 | ||
| Qualcomm SD 625 Firmware | ||
| Qualcomm Snapdragon 625 | ||
| Qualcomm Snapdragon 712 Firmware | ||
| Qualcomm Snapdragon 712 | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm SD 670 | ||
| Qualcomm SDM670 | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD835 Firmware | ||
| Qualcomm Snapdragon 835 | ||
| Qualcomm SDA845 Firmware | ||
| Qualcomm SD845 | ||
| Qualcomm SD850 Firmware | ||
| Qualcomm SD850 | ||
| Qualcomm SDA660 | ||
| Qualcomm SDA660 | ||
| Qualcomm SDX24 | ||
| Qualcomm SDX24 | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-5868?
CVE-2018-5868 is classified as a critical vulnerability due to its potential to cause a buffer overflow in various Qualcomm Snapdragon chipsets.
How do I fix CVE-2018-5868?
The recommended fix for CVE-2018-5868 is to update the firmware of the affected Qualcomm Snapdragon devices to the latest version provided by the manufacturer.
Which devices are affected by CVE-2018-5868?
CVE-2018-5868 affects Qualcomm Snapdragon devices, including MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712, SD 710, SD 670, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX24, and SXR1130.
What can happen if CVE-2018-5868 is exploited?
Exploitation of CVE-2018-5868 can lead to unauthorized code execution, system crashes, or a complete compromise of the affected devices.
Is CVE-2018-5868 a hardware vulnerability?
CVE-2018-5868 is categorized as a software vulnerability but is primarily related to the Qualcomm Snapdragon hardware architecture.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- agent/weakness
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm sdr425 firmware
- canonical/qualcomm snapdragon 425
- canonical/qualcomm sd 430 firmware
- canonical/qualcomm sdm450 firmware
- canonical/qualcomm sdm450
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm snapdragon 625
- canonical/qualcomm snapdragon 712 firmware
- canonical/qualcomm snapdragon 712
- canonical/qualcomm sd710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm sd 670
- canonical/qualcomm sdm670
- canonical/qualcomm sd820 firmware
- canonical/qualcomm sd820a firmware
- canonical/qualcomm sd835 firmware
- canonical/qualcomm snapdragon 835
- canonical/qualcomm sda845 firmware
- canonical/qualcomm sd845
- canonical/qualcomm sd850 firmware
- canonical/qualcomm sd850
- canonical/qualcomm sda660
- canonical/qualcomm sdx24
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware