ID
VAR-201906-0843
CVE
CVE-2018-11819
TITLE
plural Snapdragon Vulnerability in using freed memory in products
Trust: 0.8
DESCRIPTION
Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDX20, SDX24. plural Snapdragon The product contains a vulnerability related to the use of released memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9640 is a central processing unit (CPU) product. A resource management error vulnerability exists in the WLAN features in several Qualcomm products. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. There are currently no detailed details of the vulnerability provided. The following products and versions are affected: Qualcomm MDM9206; MDM9607; MDM9640; MDM9650; MSM8996AU; SD855; SDA660; SDX20; SDX24
Trust: 2.25
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | qualcomm | model: | mdm9607 | scope: | - | version: | - | Trust: 1.4 |
| vendor: | qualcomm | model: | mdm9206 | scope: | - | version: | - | Trust: 1.4 |
| vendor: | qualcomm | model: | msm8996au | scope: | - | version: | - | Trust: 1.4 |
| vendor: | qualcomm | model: | mdm9650 | scope: | - | version: | - | Trust: 1.4 |
| vendor: | qualcomm | model: | mdm9640 | scope: | - | version: | - | Trust: 1.4 |
| vendor: | qualcomm | model: | qcs605 | scope: | - | version: | - | Trust: 1.4 |
| vendor: | qualcomm | model: | msm8996au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdx24 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs605 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 427 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sda660 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 835 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 425 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 675 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 820a | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | mdm9607 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 730 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | mdm9650 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | mdm9206 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 450 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | mdm9640 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdx20 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 435 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 855 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 430 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 625 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 425 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 427 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 430 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 435 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 835 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 625 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd 820a | scope: | - | version: | - | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 855 | Trust: 0.6 |
| vendor: | qualcomm | model: | sda660 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | qualcomm | model: | sdx20 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 425 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 427 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 430 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 435 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 450 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 675 | Trust: 0.6 |
| vendor: | qualcomm | model: | sd | scope: | eq | version: | 730 | Trust: 0.6 |
| vendor: | qualcomm | model: | sdx24 | scope: | - | version: | - | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-416 | Trust: 1.9 |
THREAT TYPE
local
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | May 2019 Code Aurora Security Bulletin | url: | https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin | Trust: 0.8 |
| title: | Patches for several Qualcomm Product Resource Management Error Vulnerabilities (CNVD-2019-18599) | url: | https://www.cnvd.org.cn/patchInfo/show/164007 | Trust: 0.6 |
| title: | Multiple Qualcomm Product resource management error vulnerability fixes | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93826 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-11819 | Trust: 3.1 |
| db: | JVNDB | id: | JVNDB-2018-015637 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201906-609 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2019-18599 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-121716 | Trust: 0.1 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2018-11819 | Trust: 2.0 |
| url: | https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin | Trust: 1.7 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11819 | Trust: 0.8 |
SOURCES
| db: | CNVD | id: | CNVD-2019-18599 |
| db: | VULHUB | id: | VHN-121716 |
| db: | JVNDB | id: | JVNDB-2018-015637 |
| db: | CNNVD | id: | CNNVD-201906-609 |
| db: | NVD | id: | CVE-2018-11819 |
LAST UPDATE DATE
2024-11-23T22:41:29.137000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2019-18599 | date: | 2019-06-19T00:00:00 |
| db: | VULHUB | id: | VHN-121716 | date: | 2019-06-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-015637 | date: | 2019-06-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-201906-609 | date: | 2019-06-18T00:00:00 |
| db: | NVD | id: | CVE-2018-11819 | date: | 2024-11-21T03:44:05.023 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2019-18599 | date: | 2019-06-19T00:00:00 |
| db: | VULHUB | id: | VHN-121716 | date: | 2019-06-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-015637 | date: | 2019-06-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-201906-609 | date: | 2019-06-14T00:00:00 |
| db: | NVD | id: | CVE-2018-11819 | date: | 2019-06-14T17:29:00.267 |