CVE-2018-5838 - Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon

CVE-2018-5838

Summary

Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger.

References

https://www.qualcomm.com/company/product-security/bulletins

Vulnerable Configurations

cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_600:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_600:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 04-09-2018 - 18:18)
Impact:
Exploitability:

CWE

CWE-129

CAPEC

Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an adversary. As a consequence, an adversary is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the adversaries' choice.

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm

https://www.qualcomm.com/company/product-security/bulletins

Last major update

04-09-2018 - 18:18

Published

06-07-2018 - 17:29

Last modified

04-09-2018 - 18:18