Sign-up

ID

VAR-201906-0742


CVE

CVE-2018-13910


TITLE

plural Snapdragon Product out-of-bounds vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015667

DESCRIPTION

Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, Snapdragon_High_Med_2016. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple information disclosure vulnerabilities 3. Multiple out-of-bounds memory access vulnerabilities 4. An unauthorized-access vulnerability 5. Multiple denial-of-service vulnerabilities 6. An insecure-file-permissions vulnerability An attacker can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service condition and obtain sensitive information. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497. Qualcomm MDM9206 is a central processing unit (CPU) product of Qualcomm (Qualcomm). A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Qualcomm IPQ8074; MDM9206; MDM9607; MDM9650; MDM9655; MSM8996AU; QCA8081; Qualcomm 215; SD 625; SD 632; SD 650/52; SD 820; SD 820A; SDM439; Snapdragon_High_Med_2016

Trust: 2.07

sources: NVD: CVE-2018-13910 // JVNDB: JVNDB-2018-015667 // BID: 108300 // VULHUB: VHN-124017 // VULMON: CVE-2018-13910

AFFECTED PRODUCTS

vendor:qualcommmodel:sd 632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 427scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 652scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 425scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 820ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9607scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon high med 2016scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9206scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 820scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8074scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9655scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 435scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 412scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 625scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8074scope: - version: -

Trust: 0.8

vendor:qualcommmodel:mdm9206scope: - version: -

Trust: 0.8

vendor:qualcommmodel:mdm9607scope: - version: -

Trust: 0.8

vendor:qualcommmodel:mdm9650scope: - version: -

Trust: 0.8

vendor:qualcommmodel:mdm9655scope: - version: -

Trust: 0.8

vendor:qualcommmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:qualcommmodel:qca8081scope: - version: -

Trust: 0.8

vendor:qualcommmodel:qm215scope: - version: -

Trust: 0.8

vendor:qualcommmodel:sd 410scope: - version: -

Trust: 0.8

vendor:qualcommmodel:sd 412scope: - version: -

Trust: 0.8

vendor:googlemodel:pixel xlscope:eqversion:0

Trust: 0.3

vendor:googlemodel:pixel cscope:eqversion:0

Trust: 0.3

vendor:googlemodel:pixelscope:eqversion:0

Trust: 0.3

vendor:googlemodel:nexus playerscope:eqversion:0

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:9

Trust: 0.3

vendor:googlemodel:nexus 6pscope: - version: -

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:6

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:5x

Trust: 0.3

vendor:googlemodel:androidscope:eqversion:0

Trust: 0.3

sources: BID: 108300 // JVNDB: JVNDB-2018-015667 // NVD: CVE-2018-13910

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13910
value: HIGH

Trust: 1.0

NVD: CVE-2018-13910
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-180
value: HIGH

Trust: 0.6

VULHUB: VHN-124017
value: HIGH

Trust: 0.1

VULMON: CVE-2018-13910
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-13910
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-124017
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-13910
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-124017 // VULMON: CVE-2018-13910 // JVNDB: JVNDB-2018-015667 // CNNVD: CNNVD-201905-180 // NVD: CVE-2018-13910

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.9

sources: VULHUB: VHN-124017 // JVNDB: JVNDB-2018-015667 // NVD: CVE-2018-13910

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201905-180

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201905-180

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015667

PATCH
title:Jun 2019 Qualcomm Technologies, Inc. Security Bulletinurl:https://www.qualcomm.com/company/product-security/bulletins
Trust: 0.8
title:Multiple Qualcomm Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92324
Trust: 0.6
title:Threatposturl:https://threatpost.com/google-critical-remote-code-execution-flaws-android/144497/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-13910 // 
            
            
            
            JVNDB: JVNDB-2018-015667 // 
            
            
            
            CNNVD: CNNVD-201905-180

EXTERNAL IDS
db:NVDid:CVE-2018-13910
Trust: 2.9
db:BIDid:108300
Trust: 1.0
db:JVNDBid:JVNDB-2018-015667
Trust: 0.8
db:CNNVDid:CNNVD-201905-180
Trust: 0.7
db:VULHUBid:VHN-124017
Trust: 0.1
db:VULMONid:CVE-2018-13910
Trust: 0.1
sources:
            
            
            VULHUB: VHN-124017 // 
            
            
            
            VULMON: CVE-2018-13910 // 
            
            
            
            BID: 108300 // 
            
            
            
            JVNDB: JVNDB-2018-015667 // 
            
            
            
            CNNVD: CNNVD-201905-180 // 
            
            
            
            NVD: CVE-2018-13910

REFERENCES
url:https://www.qualcomm.com/company/product-security/bulletins
Trust: 2.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-13910
Trust: 1.4
url:http://code.google.com/android/
Trust: 0.9
url:http://www.qualcomm.com/
Trust: 0.9
url:https://source.android.com/security/bulletin/2019-05-01
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13910
Trust: 0.8
url:https://www.securityfocus.com/bid/108300
Trust: 0.7
url:https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-may-2019-29239
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/125.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/google-critical-remote-code-execution-flaws-android/144497/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-124017 // 
            
            
            
            VULMON: CVE-2018-13910 // 
            
            
            
            BID: 108300 // 
            
            
            
            JVNDB: JVNDB-2018-015667 // 
            
            
            
            CNNVD: CNNVD-201905-180 // 
            
            
            
            NVD: CVE-2018-13910

CREDITS
Wen Guanxing of Pangu LAB, Xiling Gong of Tencent Blade Team.,derrek
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-180

SOURCES
db:VULHUBid:VHN-124017
db:VULMONid:CVE-2018-13910
db:BIDid:108300
db:JVNDBid:JVNDB-2018-015667
db:CNNVDid:CNNVD-201905-180
db:NVDid:CVE-2018-13910

LAST UPDATE DATE
2024-11-23T21:37:13.101000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-124017date:2019-06-18T00:00:00
db:VULMONid:CVE-2018-13910date:2019-06-18T00:00:00
db:BIDid:108300date:2019-05-06T00:00:00
db:JVNDBid:JVNDB-2018-015667date:2019-06-21T00:00:00
db:CNNVDid:CNNVD-201905-180date:2019-06-19T00:00:00
db:NVDid:CVE-2018-13910date:2024-11-21T03:48:19.183

SOURCES RELEASE DATE
db:VULHUBid:VHN-124017date:2019-06-14T00:00:00
db:VULMONid:CVE-2018-13910date:2019-06-14T00:00:00
db:BIDid:108300date:2019-05-06T00:00:00
db:JVNDBid:JVNDB-2018-015667date:2019-06-21T00:00:00
db:CNNVDid:CNNVD-201905-180date:2019-05-07T00:00:00
db:NVDid:CVE-2018-13910date:2019-06-14T17:29:00.923