7.8

CVE-2018-11967

EPSS 0.04%
Veröffentlicht 24.05.2019 17:29:01
Zuletzt bearbeitet 21.11.2024 03:44:20
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Mdm9150 Firmware Version-

Qualcomm ≫ Mdm9150 Version-

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Qualcomm ≫ Mdm9640 Firmware Version-

Qualcomm ≫ Mdm9640 Version-

Qualcomm ≫ Mdm9650 Firmware Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Msm8909w Firmware Version-

Qualcomm ≫ Msm8909w Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Qcs605 Firmware Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Qm215 Firmware Version-

Qualcomm ≫ Qm215 Version-

Qualcomm ≫ Sd 425 Firmware Version-

Qualcomm ≫ Sd 425 Version-

Qualcomm ≫ Sd 427 Firmware Version-

Qualcomm ≫ Sd 427 Version-

Qualcomm ≫ Sd 430 Firmware Version-

Qualcomm ≫ Sd 430 Version-

Qualcomm ≫ Sd 435 Firmware Version-

Qualcomm ≫ Sd 435 Version-

Qualcomm ≫ Sd 439 Firmware Version-

Qualcomm ≫ Sd 439 Version-

Qualcomm ≫ Sd 429 Firmware Version-

Qualcomm ≫ Sd 429 Version-

Qualcomm ≫ Sd 450 Firmware Version-

Qualcomm ≫ Sd 450 Version-

Qualcomm ≫ Sd 625 Firmware Version-

Qualcomm ≫ Sd 625 Version-

Qualcomm ≫ Sd 632 Firmware Version-

Qualcomm ≫ Sd 632 Version-

Qualcomm ≫ Sd 636 Firmware Version-

Qualcomm ≫ Sd 636 Version-

Qualcomm ≫ Sd 650 Firmware Version-

Qualcomm ≫ Sd 650 Version-

Qualcomm ≫ Sd 652 Firmware Version-

Qualcomm ≫ Sd 652 Version-

Qualcomm ≫ Sd 712 Firmware Version-

Qualcomm ≫ Sd 712 Version-

Qualcomm ≫ Sd 710 Firmware Version-

Qualcomm ≫ Sd 710 Version-

Qualcomm ≫ Sd 670 Firmware Version-

Qualcomm ≫ Sd 670 Version-

Qualcomm ≫ Sd 820 Firmware Version-

Qualcomm ≫ Sd 820 Version-

Qualcomm ≫ Sd 820a Firmware Version-

Qualcomm ≫ Sd 820a Version-

Qualcomm ≫ Sd 835 Firmware Version-

Qualcomm ≫ Sd 835 Version-

Qualcomm ≫ Sd 845 Firmware Version-

Qualcomm ≫ Sd 845 Version-

Qualcomm ≫ Sd 850 Firmware Version-

Qualcomm ≫ Sd 850 Version-

Qualcomm ≫ Sd 855 Firmware Version-

Qualcomm ≫ Sd 855 Version-

Qualcomm ≫ Sda660 Firmware Version-

Qualcomm ≫ Sda660 Version-

Qualcomm ≫ Sdm439 Firmware Version-

Qualcomm ≫ Sdm439 Version-

Qualcomm ≫ Sdm630 Firmware Version-

Qualcomm ≫ Sdm630 Version-

Qualcomm ≫ Sdm660 Firmware Version-

Qualcomm ≫ Sdm660 Version-

Qualcomm ≫ Sdx20 Firmware Version-

Qualcomm ≫ Sdx20 Version-

Qualcomm ≫ Sdx24 Firmware Version-

Qualcomm ≫ Sdx24 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.067

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-11967

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-11967

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-11967

EUVD