CVE-2019-10602 - Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdrag

CVE-2019-10602

Summary

Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCS605, SDA660, SDM845, SDX20, SM8150

References

https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin

Vulnerable Configurations

CVSS

Base:	5.0
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

21-01-2020 - 07:15

Published

21-01-2020 - 07:15

Last modified

21-01-2020 - 13:18