What is CVE-2018-13925?

CVE-2018-13925 is a critical-severity vulnerability in Qualcomm Mdm9206, classified under Use After Free. CVSS score: 9.8/10. Published 2019-05-24.

How severe is CVE-2018-13925?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Use After Free in Qualcomm Mdm9206

CVE-2018-13925

Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Co…

Vulnerability class: Use-After-Free

EPSS: 0.009 (56.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Qualcomm Mdm9206
Qualcomm Mdm9206_firmware
Qualcomm Mdm9607
Qualcomm Mdm9607_firmware
Qualcomm Mdm9650
Qualcomm Mdm9650_firmware
Qualcomm Msm8909w
Qualcomm Msm8909w_firmware
Qualcomm Msm8996au
Qualcomm Msm8996au_firmware

Weakness classification (CWE)

CWE-416 — Use After Free

References

product-security@qualcomm.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2018-13925?: CVE-2018-13925 is a critical-severity vulnerability in Qualcomm Mdm9206, classified under Use After Free. CVSS score: 9.8/10. Published 2019-05-24.
How severe is CVE-2018-13925?: Critical severity. CVSS v3 base score is 9.8 out of 10.