CVE-2018-5891
CVE-2018-5891
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
06 Jul 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in Snapdragon Mobile and Snapdragon Wear.
Affected products
Qualcomm, Inc. · Snapdragon Mobile, Snapdragon WearWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →