Chipsets.org

Vulnerability

CVE-2018-11928

Component: WIFI

Location: FIRMWARE

Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150, SXR1130

Impact

Severity (Manufact.)

N/A

Severity (NIST)

7.8

Severity (Android)

N/A

Chipsets

Devices

981

Affected Hardware

Name	Also known as	Manufacturer
MSM8909	Snapdragon 210	Qualcomm
MSM8909AA	Snapdragon 212	Qualcomm
MSM8917	Snapdragon 425	Qualcomm
MSM8953	Snapdragon 625	Qualcomm
SDM630	Snapdragon 630	Qualcomm
SDM636	Snapdragon 636	Qualcomm
SDM660	Snapdragon 660	Qualcomm
SDM670	Snapdragon 670	Qualcomm
SM6150	Snapdragon 675	Qualcomm
SDM710	Snapdragon 710	Qualcomm

18 of 18 row(s) shown.

Rows per page

Page 1 of 2

Information reliability

The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.

Timeline

Introduced (est):

Jan 1, 2014

Reported:

Unknown

Advisory Published:

Apr 1, 2019

CVE Published:

May 24, 2019

Android Patch Level:

None