CVE-2019-2336: Use After Free
First published: Mon Oct 07 2019(Updated: )
Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm 9205 Firmware | ||
| Qualcomm 9205 | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm QCS404 Firmware | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55 Firmware | ||
| qualcomm SM6150P firmware | ||
| Qualcomm SM6150P | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150 firmware | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-2336?
CVE-2019-2336 is considered a high severity vulnerability due to potential memory corruption issues.
How do I fix CVE-2019-2336?
To fix CVE-2019-2336, update your device firmware or software to the latest version provided by the manufacturer.
What devices are affected by CVE-2019-2336?
CVE-2019-2336 affects several Qualcomm chipsets, including the Snapdragon Mobile and various firmware versions.
What type of vulnerability is CVE-2019-2336?
CVE-2019-2336 is classified as a use after free vulnerability that can lead to memory corruption.
Can CVE-2019-2336 be exploited remotely?
CVE-2019-2336 may be exploitable remotely, putting devices at risk if not updated.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm 9205 firmware
- canonical/qualcomm 9205
- canonical/qualcomm qcs404 firmware
- canonical/qualcomm sdx55m firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130