CVE-2018-11816

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2018-11816
Crafted Binder Request Causes Heap UAF in MediaServer

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:apq8016_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8016:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:apq8039_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8039:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:apq8052_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8052:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:apq8056_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8056:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:ar6003_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*
History

06 Feb 2025, 16:41

Type Values Removed Values Added
First Time Qualcomm apq8017
Qualcomm ar6003
Qualcomm apq8076 Firmware
Qualcomm sd670
Qualcomm ar6003 Firmware
Qualcomm aqt1000
Qualcomm sd820 Firmware
Qualcomm apq8016
Qualcomm sd821
Qualcomm apq8052 Firmware
Qualcomm apq8056 Firmware
Qualcomm 9206 Lte Modem Firmware
Qualcomm sd670 Firmware
Qualcomm apq8017 Firmware
Qualcomm sd835
Qualcomm sd820
Qualcomm sd660
Qualcomm 9206 Lte Modem
Qualcomm
Qualcomm apq8076
Qualcomm apq8056
Qualcomm apq8016 Firmware
Qualcomm sd835 Firmware
Qualcomm apq8039
Qualcomm apq8039 Firmware
Qualcomm sd660 Firmware
Qualcomm apq8052
Qualcomm sd821 Firmware
Qualcomm aqt1000 Firmware
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html - Vendor Advisory
CPE cpe:2.3:h:qualcomm:apq8016:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8039_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8052_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8056_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8056:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ar6003_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8016_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8052:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8039:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*
Summary
  • (es) La solicitud de Binder manipulada provoca un UAF de montón en MediaServer

26 Nov 2024, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-26 14:15

Updated : 2025-02-06 16:41

NVD link : CVE-2018-11816

Mitre link : CVE-2018-11816

CVE.ORG link : CVE-2018-11816

JSON object : View

Products Affected

qualcomm

  • ar6003_firmware
  • apq8016
  • sd821_firmware
  • sd670
  • sd820
  • apq8017_firmware
  • aqt1000_firmware
  • apq8017
  • 9206_lte_modem
  • sd670_firmware
  • sd835_firmware
  • 9206_lte_modem_firmware
  • apq8052
  • sd821
  • apq8056_firmware
  • sd820_firmware
  • apq8039_firmware
  • apq8076
  • apq8016_firmware
  • aqt1000
  • apq8052_firmware
  • apq8056
  • sd660_firmware
  • sd660
  • apq8039
  • apq8076_firmware
  • sd835
  • ar6003
CWE
CWE-416

Use After Free