Vulnerability
CVE-2018-11976
ECDSA signature code leaks private keys from secure world to non-secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
Impact
Severity (Manufact.)
N/A
Severity (NIST)
5.5
Severity (Android)
N/A
Chipsets
30
Devices
1482
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8909 | Snapdragon 210 | Qualcomm |
| MSM8909AA | Snapdragon 212 | Qualcomm |
| QM215 | Qualcomm 215 | Qualcomm |
| MSM8916 | Snapdragon 410 | Qualcomm |
| MSM8929 | Snapdragon 415 | Qualcomm |
| MSM8917 | Snapdragon 425 | Qualcomm |
| MSM8920 | Snapdragon 427 | Qualcomm |
| MSM8937 | Snapdragon 430 | Qualcomm |
| MSM8940 | Snapdragon 435 | Qualcomm |
| SDM429 | Snapdragon 429 | Qualcomm |
30 of 30 row(s) shown.
Rows per page
Page 1 of 3
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jan 1, 2014
Reported:
Mar 19, 2018
Advisory Published:
Apr 1, 2019
CVE Published:
May 24, 2019
Android Patch Level:
None
