ID CVE-2019-10565
Summary Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130
References
Vulnerable Configurations
  • cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:msm8905_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:msm8905_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:msm8905:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:msm8905:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:msm8909_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:msm8909_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 21-11-2019 - 15:15)
Impact:
Exploitability:
CWE CWE-415
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin
Last major update 21-11-2019 - 15:15
Published 06-11-2019 - 17:15
Last modified 21-11-2019 - 15:15
Back to Top