First published: Mon Jan 06 2020(Updated: )
NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8998, Nicobar, QCS605, Rennell, SA6155P, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
Qualcomm APQ8009W Firmware | ||
Qualcomm APQ8009 Firmware | ||
Qualcomm APQ8053 | ||
Qualcomm APQ8053 Firmware | ||
Qualcomm MDM9206 | ||
Qualcomm MDM9206 firmware | ||
qualcomm MDM9207C firmware | ||
Qualcomm 9207 LTE Modem | ||
Qualcomm MD9607 Firmware | ||
Qualcomm MDM9607 firmware | ||
Qualcomm 8909 Firmware | ||
Qualcomm Snapdragon 8909 | ||
Qualcomm MSM8917 | ||
Qualcomm MSM8917 Firmware | ||
Qualcomm 8920 Firmware | ||
Qualcomm 8920 | ||
Qualcomm 8937 Firmware | ||
qualcomm MSM8937 firmware | ||
qualcomm MSM8940 firmware | ||
qualcomm MSM8940 firmware | ||
Qualcomm MSM8998 | ||
Qualcomm 8998 | ||
Qualcomm Nicobar | ||
Qualcomm Nicobar | ||
Qualcomm QCS605 | ||
Qualcomm QCS605 Firmware | ||
Qualcomm Rennell Firmware | ||
Qualcomm Rennell Firmware | ||
Qualcomm SA6155 | ||
Qualcomm SA6155P | ||
Qualcomm SDM630 | ||
Qualcomm SDM630 Firmware | ||
Qualcomm SD 636 Firmware | ||
Qualcomm SDM636 Firmware | ||
Qualcomm SD660 Firmware | ||
Qualcomm Snapdragon 660 | ||
Qualcomm SD 670 Firmware | ||
Qualcomm SDM670 Firmware | ||
Qualcomm SD 710 Firmware | ||
Qualcomm Snapdragon 710 | ||
Qualcomm SDA/SDM845 Firmware | ||
Qualcomm Snapdragon 845 | ||
Qualcomm SDX24 | ||
Qualcomm SDX24 | ||
Qualcomm SDX55M Firmware | ||
Qualcomm SDX55 Firmware | ||
Qualcomm SM6150P firmware | ||
Qualcomm SM6150P | ||
qualcomm SM7150P firmware | ||
qualcomm SM7150 firmware | ||
Qualcomm SM8150P Firmware | ||
Qualcomm SM8150 Fusion | ||
Qualcomm SM8250 | ||
qualcomm SM8250 firmware | ||
Qualcomm SXR2130P Firmware | ||
Qualcomm SXR2130 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10581 has a severity rating of critical due to its potential to lead to a use-after-free vulnerability.
To fix CVE-2019-10581, you should update to the latest firmware version provided by Qualcomm that addresses this vulnerability.
CVE-2019-10581 can lead to unauthorized access or control of the affected devices, potentially compromising user data.
CVE-2019-10581 affects several Qualcomm Snapdragon devices across categories like Automotive, IoT, Mobile, and Wearables.
If users cannot update their device, they should consider limiting exposure to potential threats until a patch is available.