How severe is CVE-2018-11947?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2018-11947?

This is classified as CWE-415, which is a common weakness in software security.

CVE-2018-11947 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

The txrx stats req might be double freed in the pdev detach when the host driver is unloading in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8064, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Related Vulnerabilities

CVE-2014-9807

MEDIUM

CVSS:5.5(Medium)

The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.

CWE-4152014

CVE-2015-5203

MEDIUM

CVSS:5.5(Medium)

Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

CWE-4152015

CVE-2015-8894

MEDIUM

CVSS:5.5(Medium)

Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.

CWE-4152015

CVE-2017-15330

MEDIUM

CVSS:5.5(Medium)

The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malici...

CWE-4152017

CVE-2017-15364

MEDIUM

CVSS:5.5(Medium)

The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file. ...

CWE-4152017

CVE-2017-6353

MEDIUM

CVSS:5.5(Medium)

net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (inval...

CWE-4152017