Buffer Overflow Vulnerability in WideVine for Qualcomm Snapdragon Products
CVE-2018-5868
7.8HIGH
Key Information:
- Vendor
- Qualcomm
- Vendor
- CVE Published:
- 18 January 2019
Summary
A vulnerability has been identified in WideVine associated with Qualcomm's Snapdragon products that stems from inadequate verification of input size, which can lead to a buffer overflow. This issue affects multiple versions across various Snapdragon mobile and automobile platforms, potentially allowing attackers to execute arbitrary code or disrupt the system's functionality. It is crucial for users and developers to be aware of this vulnerability and implement mitigative measures as necessary.
Affected Version(s)
Snapdragon Automobile, Snapdragon Mobile MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved