CVE-2018-11289
Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.
EPSS 0.10% · 26.9th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| qualcomm | sd_632_firmware | |
| qualcomm | sdm439_firmware | |
| qualcomm | sd_425_firmware | |
| qualcomm | mdm9655_firmware | |
| qualcomm | mdm9150_firmware | |
| qualcomm | sd_427_firmware | |
| qualcomm | snapdragon_high_med_2016_firmware | |
| qualcomm | sxr1130_firmware | |
| qualcomm | sd_210_firmware | |
| qualcomm | sd_435_firmware | |
| qualcomm | qca8081_firmware | |
| qualcomm | sd_652_firmware | |
| qualcomm | sd_410_firmware | |
| qualcomm | sd_820a_firmware | |
| qualcomm | sd_205_firmware | |
| qualcomm | sd_650_firmware | |
| qualcomm | sd_439_firmware | |
| qualcomm | sd_8cx_firmware | |
| qualcomm | sd_450_firmware | |
| qualcomm | sd_710_firmware |
…and 23 more
Exploit Intelligence
Timeline
- Feb 5, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score