CVE-2018-11998

Summary

While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Mobile, Snapdragon WearMDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016affected

Weaknesses

  • Time-of-check Time-of-use (TOCTOU) Race Condition in HLOS Data

ADP Enrichment

CVE Program Container

Additional References

References