CVE-2018-5871 - OpenCVE

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests (for privacy reasons) is not done properly due to a flawed RNG which produces repeating output much earlier than expected.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:A/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Qualcomm	Mdm9607 Firmware Sd425 Firmware Sd616 Sd650 Firmware Mdm9206 Firmware Mdm9206 Msm8996au Sd435 Firmware Sd615 Firmware Sda660 Firmware Sdm439 Firmware Sdm630 Firmware Sdm630 Sdm632 Sd212 Firmware Sd652 Sda660 Sdm632 Firmware Sd835 Sd430 Sdm439 Sdm429 Sd450 Sdm660 Firmware Sd205 Firmware Qca6574au Firmware Sd205 Sd427 Sd212 Sd820a Sd415 Sdm429 Firmware Sdm660 Sd615 Mdm9607 Sd425 Sd820a Firmware Sd850 Firmware Sd450 Firmware Sd845 Sd427 Firmware Sd850 Sd845 Firmware Sdm710 Sdm636 Sd210 Sd210 Firmware Qca6574au Mdm9640 Msm8996au Firmware Mdm9650 Sd650 Sd430 Firmware Sd616 Firmware Sd415 Firmware Sd652 Firmware Mdm9640 Firmware Sd435 Mdm9650 Firmware Sd835 Firmware Sdm636 Firmware Sdm710 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd212:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:sd615_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd615:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:sd616_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd616:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:sd415_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd415:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd650:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd652:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd820a:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd850:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*

References

Link	Resource
https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components	Third Party Advisory
https://www.qualcomm.com/company/product-security/bulletins	Vendor Advisory