Vulnerabilities > CVE-2019-10501 - Use After Free vulnerability in Qualcomm products

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

qualcomm

CWE-416

NVD

Published: 2019-09-30

Updated: 2021-07-21

Summary

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Mdm9150 Firmware - Qualcomm Mdm9206 Firmware - Qualcomm Mdm9607 Firmware - Qualcomm Mdm9650 Firmware - Qualcomm Msm8909W Firmware - Qualcomm Msm8996Au Firmware - Qualcomm Qcs405 Firmware - Qualcomm Qcs605 Firmware - Qualcomm Qualcomm 215 Firmware - Qualcomm SD 210 Firmware - Qualcomm SD 212 Firmware - Qualcomm SD 205 Firmware - Qualcomm SD 425 Firmware - Qualcomm SD 427 Firmware - Qualcomm SD 430 Firmware - Qualcomm SD 435 Firmware - Qualcomm SD 439 Firmware - Qualcomm SD 429 Firmware - Qualcomm SD 450 Firmware - Qualcomm SD 625 Firmware - Qualcomm SD 632 Firmware - Qualcomm SD 636 Firmware - Qualcomm SD 665 Firmware - Qualcomm SD 675 Firmware - Qualcomm SD 712 Firmware - Qualcomm SD 710 Firmware - Qualcomm SD 670 Firmware - Qualcomm SD 730 Firmware - Qualcomm SD 820 Firmware - Qualcomm SD 820A Firmware - Qualcomm SD 835 Firmware - Qualcomm SD 845 Firmware - Qualcomm SD 850 Firmware - Qualcomm SD 855 Firmware - Qualcomm Sda660 Firmware - Qualcomm Sdm439 Firmware - Qualcomm Sdm630 Firmware - Qualcomm Sdm660 Firmware - Qualcomm Sdx20 Firmware - Qualcomm Sdx24 Firmware -	40
Hardware	Qualcomm Qualcomm Mdm9150 - Qualcomm Mdm9206 - Qualcomm Mdm9607 - Qualcomm Mdm9650 - Qualcomm Msm8909W - Qualcomm Msm8996Au - Qualcomm Qcs405 - Qualcomm Qcs605 - Qualcomm Qualcomm 215 - Qualcomm SD 210 - Qualcomm SD 212 - Qualcomm SD 205 - Qualcomm SD 425 - Qualcomm SD 427 - Qualcomm SD 430 - Qualcomm SD 435 - Qualcomm SD 439 - Qualcomm SD 429 - Qualcomm SD 450 - Qualcomm SD 625 - Qualcomm SD 632 - Qualcomm SD 636 - Qualcomm SD 665 - Qualcomm SD 675 - Qualcomm SD 712 - Qualcomm SD 710 - Qualcomm SD 670 - Qualcomm SD 730 - Qualcomm SD 820 - Qualcomm SD 820A - Qualcomm SD 835 - Qualcomm SD 845 - Qualcomm SD 850 - Qualcomm SD 855 - Qualcomm Sda660 - Qualcomm Sdm439 - Qualcomm Sdm630 - Qualcomm Sdm660 - Qualcomm Sdx20 - Qualcomm Sdx24 -	40

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin