Unsigned Integer Underflow Vulnerability in IPA Driver Leads to Buffer Over-read

CVE-2018-5852

8.4HIGH

Key Information

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 26 November 2024

Summary

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'

Affected Version(s)

Snapdragon = MDM9206

Snapdragon = MDM9607

Snapdragon = MDM9640

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Nov 26, 2024
Vulnerability Reserved.
Jan 19, 2018

Collectors

NVD DatabaseMitre Database