CVE-2018-5868

Summary

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Automobile, Snapdragon MobileMSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130affected

Weaknesses

  • Buffer Copy without Checking Size of Input in TrustZone.

ADP Enrichment

CVE Program Container

Additional References

References