CVE-2018-5869: Input Validation
First published: Mon Dec 03 2018(Updated: )
Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Qualcomm MDM9206 firmware | ||
| Qualcomm MDM9206 | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm MDM9607 | ||
| Qualcomm MSM8909W | ||
| Qualcomm MSM8909W | ||
| qualcomm SD 210 firmware | ||
| qualcomm SD 210 | ||
| qualcomm SD 212 firmware | ||
| qualcomm SD 212 | ||
| qualcomm SD 205 firmware | ||
| qualcomm SD 205 | ||
| qualcomm sd 410 firmware | ||
| qualcomm sd 410 | ||
| qualcomm sd 412 firmware | ||
| qualcomm sd 412 | ||
| qualcomm sd 615 firmware | ||
| qualcomm sd 615 | ||
| qualcomm sd 616 firmware | ||
| qualcomm sd 616 | ||
| qualcomm sd 415 firmware | ||
| qualcomm sd 415 | ||
| qualcomm SD 800 firmware | ||
| qualcomm SD 800 | ||
| qualcomm sd 810 firmware | ||
| qualcomm sd 810 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-5869.
How severe is CVE-2018-5869?
CVE-2018-5869 has a severity value of 7, which is considered high.
Which software versions are affected by CVE-2018-5869?
CVE-2018-5869 affects versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, and SD 800, SD 810.
What is the impact of CVE-2018-5869?
CVE-2018-5869 can lead to invalid memory access in Snapdragon mobile and Snapdragon wear.
Where can I find more information about CVE-2018-5869?
You can find more information about CVE-2018-5869 on the Android Security Bulletin website and the SecurityFocus website.
- agent/references
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/google android
- vendor/qualcomm
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9607
- canonical/qualcomm msm8909w
- canonical/qualcomm sd 210 firmware
- canonical/qualcomm sd 210
- canonical/qualcomm sd 212 firmware
- canonical/qualcomm sd 212
- canonical/qualcomm sd 205 firmware
- canonical/qualcomm sd 205
- canonical/qualcomm sd 410 firmware
- canonical/qualcomm sd 410
- canonical/qualcomm sd 412 firmware
- canonical/qualcomm sd 412
- canonical/qualcomm sd 615 firmware
- canonical/qualcomm sd 615
- canonical/qualcomm sd 616 firmware
- canonical/qualcomm sd 616
- canonical/qualcomm sd 415 firmware
- canonical/qualcomm sd 415
- canonical/qualcomm sd 800 firmware
- canonical/qualcomm sd 800
- canonical/qualcomm sd 810 firmware
- canonical/qualcomm sd 810