Chipsets.org

Vulnerability

CVE-2018-11980

Component: WIFI

Location: OS

When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Impact

Severity (Manufact.)

N/A

Severity (NIST)

7.8

Severity (Android)

N/A

Chipsets

Devices

545

Affected Hardware

Name	Also known as	Manufacturer
MSM8937	Snapdragon 430	Qualcomm
SDM630	Snapdragon 630	Qualcomm
SDM636	Snapdragon 636	Qualcomm
SDM660	Snapdragon 660	Qualcomm
SM6150	Snapdragon 675	Qualcomm
MSM8998	Snapdragon 835 Snapdragon 835 Mobile PC Platform	Qualcomm
SM8150	Snapdragon 855	Qualcomm
MSM8996AU	Snapdragon 820A	Qualcomm

8 of 8 row(s) shown.

Rows per page

Page 1 of 1

Information reliability

The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.

Timeline

Introduced (est):

Apr 1, 2016

Reported:

Unknown

Advisory Published:

Dec 2, 2019

CVE Published:

Dec 18, 2019

Android Patch Level:

Dec 2019