CVE-2018-11816

Summary

Crafted Binder Request Causes Heap UAF in MediaServer

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon9206 LTE Modemaffected
Qualcomm, Inc.SnapdragonAPQ8016affected
Qualcomm, Inc.SnapdragonAPQ8017affected
Qualcomm, Inc.SnapdragonAPQ8039affected
Qualcomm, Inc.SnapdragonAPQ8052affected
Qualcomm, Inc.SnapdragonAPQ8056affected
Qualcomm, Inc.SnapdragonAPQ8076affected
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonAR6003affected
Qualcomm, Inc.SnapdragonSD660affected
Qualcomm, Inc.SnapdragonSD670affected
Qualcomm, Inc.SnapdragonSD820affected
Qualcomm, Inc.SnapdragonSD821affected
Qualcomm, Inc.SnapdragonSD835affected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References