CVE-2018-3589

Summary

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket, which can lead to a buffer overflow when the sample buffer is copied to the logPacket buffer.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon MobileMDM9650, MDM9655, SD 835, SD 845, SD 850affected

Weaknesses

  • Buffer Copy without Checking Size of Input in RFA

ADP Enrichment

CVE Program Container

Additional References

References