Chipsets.org

Vulnerability

CVE-2019-10484

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardwon sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8098, MSM8909W, Nicobar, QCS405, QCS605, SDA845, SDM660, SDM670, SDM710, SDM845, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

Impact

Severity (Manufact.)

N/A

Severity (NIST)

5.5

Severity (Android)

N/A

Chipsets

Devices

445

Affected Hardware

Name	Also known as	Manufacturer
SDM660	Snapdragon 660	Qualcomm
SDM670	Snapdragon 670	Qualcomm
SM6150	Snapdragon 675	Qualcomm
SDM710	Snapdragon 710	Qualcomm
SDM845	Snapdragon 845	Qualcomm
SM8150	Snapdragon 855	Qualcomm
MSM8909w	Wear 2100 Wear 2500 Wear 3100	Qualcomm

7 of 7 row(s) shown.

Rows per page

Page 1 of 1

Information reliability

The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.

Timeline

Introduced (est):

Apr 1, 2017

Reported:

Unknown

Advisory Published:

Nov 4, 2019

CVE Published:

Dec 12, 2019

Android Patch Level:

None