CVE-2018-11846
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
26/10/2018
Last modified:
10/12/2018
Description
The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850
Impact
Base Score 3.x
4.70
Severity 3.x
MEDIUM
Base Score 2.0
4.70
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page