9.3
CVE-2018-13903
- EPSS 0.22%
- Published 08.09.2020 10:15:11
- Last modified 21.11.2024 03:48:17
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
u'Error in UE due to race condition in EPCO handling' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Apq8053 Firmware Version-
Qualcomm ≫ Mdm9205 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Msm8909w Firmware Version-
Qualcomm ≫ Msm8917 Firmware Version-
Qualcomm ≫ Msm8920 Firmware Version-
Qualcomm ≫ Msm8937 Firmware Version-
Qualcomm ≫ Msm8940 Firmware Version-
Qualcomm ≫ Msm8953 Firmware Version-
Qualcomm ≫ Sdm450 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.415 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.