CVE-2019-10484

Summary

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardwon sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8098, MSM8909W, Nicobar, QCS405, QCS605, SDA845, SDM660, SDM670, SDM710, SDM845, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesAPQ8098, MSM8909W, Nicobar, QCS405, QCS605, SDA845, SDM660, SDM670, SDM710, SDM845, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130affected

Weaknesses

  • Use After Free issue in Secure Processor NVM handler

ADP Enrichment

CVE Program Container

Additional References

References