2018-06-07 09:03:14 -04:00
|
|
|
{
|
2019-05-24 17:00:53 +00:00
|
|
|
"CVE_data_meta": {
|
|
|
|
|
"ASSIGNER": "product-security@qualcomm.com",
|
|
|
|
|
"ID": "CVE-2018-11923",
|
|
|
|
|
"STATE": "PUBLIC"
|
|
|
|
|
},
|
|
|
|
|
"affects": {
|
|
|
|
|
"vendor": {
|
|
|
|
|
"vendor_data": [
|
|
|
|
|
{
|
|
|
|
|
"product": {
|
|
|
|
|
"product_data": [
|
|
|
|
|
{
|
|
|
|
|
"product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"vendor_name": "Qualcomm, Inc."
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"data_format": "MITRE",
|
|
|
|
|
"data_type": "CVE",
|
|
|
|
|
"data_version": "4.0",
|
|
|
|
|
"description": {
|
|
|
|
|
"description_data": [
|
2019-03-17 22:16:06 +00:00
|
|
|
{
|
2019-05-24 17:00:53 +00:00
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24"
|
2019-03-17 22:16:06 +00:00
|
|
|
}
|
2019-05-24 17:00:53 +00:00
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"problemtype": {
|
|
|
|
|
"problemtype_data": [
|
|
|
|
|
{
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "Buffer Copy Without Checking Size of Input in WLAN"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"references": {
|
|
|
|
|
"reference_data": [
|
|
|
|
|
{
|
|
|
|
|
"name": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin",
|
|
|
|
|
"refsource": "CONFIRM",
|
|
|
|
|
"url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
