发布日期：2018-10-29
更新日期：2018-10-30

受影响系统：

Qualcomm chipsets Snapdragon_High_Med_2016
Qualcomm chipsets SDM710
Qualcomm chipsets SDM660
Qualcomm chipsets SDM636
Qualcomm chipsets SDM632
Qualcomm chipsets SDM630
Qualcomm chipsets SDM439
Qualcomm chipsets SDM429
Qualcomm chipsets SDA660
Qualcomm chipsets SD 850
Qualcomm chipsets SD 845
Qualcomm chipsets SD 835
Qualcomm chipsets SD 650/52
Qualcomm chipsets SD 625
Qualcomm chipsets SD 450
Qualcomm chipsets SD 435
Qualcomm chipsets SD 430
Qualcomm chipsets SD 427
Qualcomm chipsets MDM9650SD 425
Qualcomm chipsets MDM9607
Qualcomm chipsets MDM9206
Qualcomm chipsets IPQ8074

描述：

---

CVE(CAN) ID: CVE-2018-11853

Qualcomm IPQ8074是应用于不同平台的中央处理器（CPU）产品。

多款Qualcomm Snapdragon产品中在处理WMI_ROAM_SET_CHAN_LIST时，未能对'num_chan'范围进行检查，在实现中存在缓冲区溢出漏洞。攻击者可利用该漏洞执行任意代码或造成拒绝服务。

<*来源：vendor
  *>

建议：

---

厂商补丁：

Qualcomm
--------
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

https://www.qualcomm.com/company/product-security/bulletins

浏览次数：2254
严重程度：0（网友投票）