CVE-2018-13899

CVE Database · CVE-2018-13899

CVE-2018-13899

· N/AModified

CVSS v3.1

N/A

EPSS

0.21%

Published

May 24, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150

Weaknesses (CWE)

CWE-416

Affected Products (60)

qualcomm · mdm9150_firmwarevulnerable

qualcomm · mdm9150

qualcomm · mdm9206_firmwarevulnerable

qualcomm · mdm9206

qualcomm · mdm9607_firmwarevulnerable

qualcomm · mdm9607

qualcomm · mdm9650_firmwarevulnerable

qualcomm · mdm9650

qualcomm · msm8909w_firmwarevulnerable

qualcomm · msm8909w

qualcomm · qcs605_firmwarevulnerable

· qcs605

References (2)

https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin

PatchThird Party Advisory

https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin

PatchThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs