First published: Mon Sep 30 2019(Updated: )
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm Msm8909w Firmware | ||
Qualcomm Msm8909w | ||
Qualcomm Qcs405 Firmware | ||
Qualcomm Qcs405 | ||
Qualcomm Qcs605 Firmware | ||
Google Android | ||
Google Android | ||
Qualcomm Qualcomm 215 | ||
Qualcomm Sd 425 Firmware | ||
Qualcomm Sd 425 | ||
Qualcomm Sd 439 Firmware | ||
Qualcomm Sd 439 | ||
Qualcomm Sd 429 Firmware | ||
Qualcomm Sd 429 | ||
Qualcomm Sd 450 Firmware | ||
Qualcomm Sd 450 | ||
Qualcomm Sd 625 Firmware | ||
Qualcomm Sd 625 | ||
Qualcomm Sd 632 Firmware | ||
Qualcomm Sd 632 | ||
Qualcomm Sd 665 Firmware | ||
Qualcomm Sd 665 | ||
Google Android | ||
Qualcomm Sd 675 | ||
Qualcomm Sd 712 Firmware | ||
Qualcomm Sd 712 | ||
Qualcomm Sd 710 Firmware | ||
Qualcomm Sd 710 | ||
Qualcomm Sd 670 Firmware | ||
Qualcomm Sd 670 | ||
Qualcomm Sd 730 Firmware | ||
Qualcomm Sd 730 | ||
Qualcomm Sd 845 Firmware | ||
Qualcomm Sd 845 | ||
Qualcomm Sd 850 Firmware | ||
Qualcomm Sd 850 | ||
Qualcomm Sd 855 Firmware | ||
Qualcomm Sd 855 | ||
Qualcomm Sdm439 Firmware | ||
Qualcomm Sdm439 | ||
Qualcomm Sdx24 Firmware | ||
Google Android |
https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-2284 is a vulnerability related to a possible use-after-free issue due to a race condition while calling camera ioctl concurrently in multiple Qualcomm Snapdragon devices.
CVE-2019-2284 affects multiple Qualcomm Snapdragon devices including MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439, and more.
CVE-2019-2284 has a severity value of 7, indicating a high severity level.
To fix CVE-2019-2284, it is recommended to apply the necessary patches and updates provided by Qualcomm or the respective device manufacturers.
More information about CVE-2019-2284 can be found in the Code Aurora security bulletin for August 2019.