What is the severity of CVE-2018-5883?

CVE-2018-5883 is rated as a critical severity vulnerability due to its potential to cause a buffer overflow.

How do I fix CVE-2018-5883?

To fix CVE-2018-5883, update the affected Qualcomm firmware to a version that addresses the buffer overflow vulnerability.

Which Qualcomm devices are affected by CVE-2018-5883?

CVE-2018-5883 affects various Qualcomm devices including MDM9206, MDM9607, and Snapdragon processors like SD 636 and SD 855.

What type of vulnerability is CVE-2018-5883?

CVE-2018-5883 is a buffer overflow vulnerability caused by improper validation of array indices in the WLAN driver.

Can CVE-2018-5883 be exploited remotely?

Yes, CVE-2018-5883 can be potentially exploited remotely, leading to unauthorized access or crashes.

Vulnerability/
CVE-2018-5883

high

7.8

CWE

129 119

14/6/2019

5/8/2024

CVE-2018-5883: Out-of-bounds Read

First published: Fri Jun 14 2019(Updated: )

Buffer overflow in WLAN driver event handlers due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Qualcomm MDM9206 firmware
Qualcomm MDM9206
Qualcomm MDM9607 firmware
Qualcomm MDM9607
qualcomm mdm9640 firmware
qualcomm MDM9640
Qualcomm MDM9650 firmware
Qualcomm MDM9650
Qualcomm MSM8996AU Firmware
Qualcomm MSM8996AU Firmware
Qualcomm QCS405 Firmware
Qualcomm QCS405 Firmware
Qualcomm QCS605 firmware
Qualcomm QCS605
qualcomm SD 636 firmware
qualcomm SD 636
qualcomm SD 675 firmware
qualcomm SD 675
qualcomm SD 730 firmware
qualcomm SD 730
qualcomm SD 820A firmware
qualcomm SD 820A
qualcomm SD 835 firmware
qualcomm SD 835
qualcomm SD 855 firmware
qualcomm SD 855
qualcomm SDA660 firmware
qualcomm SDA660
qualcomm SDM630 firmware
qualcomm SDM630
qualcomm SDM660 firmware
qualcomm SDM660
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware
Qualcomm sdx24 firmware
Qualcomm sdx24

Never miss a vulnerability like this again

Reference Links

https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin

Frequently Asked Questions

What is the severity of CVE-2018-5883?
CVE-2018-5883 is rated as a critical severity vulnerability due to its potential to cause a buffer overflow.
How do I fix CVE-2018-5883?
To fix CVE-2018-5883, update the affected Qualcomm firmware to a version that addresses the buffer overflow vulnerability.
Which Qualcomm devices are affected by CVE-2018-5883?
CVE-2018-5883 affects various Qualcomm devices including MDM9206, MDM9607, and Snapdragon processors like SD 636 and SD 855.
What type of vulnerability is CVE-2018-5883?
CVE-2018-5883 is a buffer overflow vulnerability caused by improper validation of array indices in the WLAN driver.
Can CVE-2018-5883 be exploited remotely?
Yes, CVE-2018-5883 can be potentially exploited remotely, leading to unauthorized access or crashes.