CVE-2019-10585

Severity CVSS v4.0:
Pending analysis
Type:
CWE-190 Integer Overflow or Wraparound
Publication date:
21/01/2020
Last modified:
24/08/2020

Description

Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*