exploitDog

GHSA-r56h-vq2j-5898

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130

Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130

Ссылки

EPSS

Процентиль: 27%

0.00094

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-129

Связанные уязвимости

CVE-2018-11288

CVSS3: 7.8

nvd

около 7 лет назад

Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130

EPSS

Процентиль: 27%

0.00094

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-129