Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-10582

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

Published

2020-01-21T07:15:11.777

Last Modified

2024-11-21T04:19:30.143

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qualcomm	apq8096au_firmware	-	Yes
Hardware	qualcomm	apq8096au	-	No
Operating System	qualcomm	mdm9607_firmware	-	Yes
Hardware	qualcomm	mdm9607	-	No
Operating System	qualcomm	msm8909w_firmware	-	Yes
Hardware	qualcomm	msm8909w	-	No
Operating System	qualcomm	nicobar_firmware	-	Yes
Hardware	qualcomm	nicobar	-	No
Operating System	qualcomm	qcs605_firmware	-	Yes
Hardware	qualcomm	qcs605	-	No
Operating System	qualcomm	sa6155p_firmware	-	Yes
Hardware	qualcomm	sa6155p	-	No
Operating System	qualcomm	sda845_firmware	-	Yes
Hardware	qualcomm	sda845	-	No
Operating System	qualcomm	sdm429w_firmware	-	Yes
Hardware	qualcomm	sdm429w	-	No
Operating System	qualcomm	sdm670_firmware	-	Yes
Hardware	qualcomm	sdm670	-	No
Operating System	qualcomm	sdm710_firmware	-	Yes
Hardware	qualcomm	sdm710	-	No
Operating System	qualcomm	sdm845_firmware	-	Yes
Hardware	qualcomm	sdm845	-	No
Operating System	qualcomm	sm6150_firmware	-	Yes
Hardware	qualcomm	sm6150	-	No
Operating System	qualcomm	sm8150_firmware	-	Yes
Hardware	qualcomm	sm8150	-	No
Operating System	qualcomm	sm8250_firmware	-	Yes
Hardware	qualcomm	sm8250	-	No
Operating System	qualcomm	sxr1130_firmware	-	Yes
Hardware	qualcomm	sxr1130	-	No
Operating System	qualcomm	sxr2130_firmware	-	Yes
Hardware	qualcomm	sxr2130	-	No

References

https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin Vendor Advisory ([email protected])
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)