CVE-2019-2290

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 650/52, SD 670, SD 712, SD 710, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM660, SDX20, SDX24

Description The issue arises from multiple open and close operations by multiple threads, leading the camera driver to access a destroyed session data pointer. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables.

Recommendations For the affected Qualcomm Snapdragon versions, consider applying patches or updates that address the issue of accessing destroyed session data pointers in the camera driver. At the moment, there is no information about a newer version that contains a fix for this vulnerability.