PT-2019-8264 · Qualcomm · Snapdragon Automobile+3

Published

2019-05-06

Updated

2019-05-07

CVE-2017-18157

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20

Description A Use After Free Condition can occur in the Thermal Engine component of Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear. This issue may be related to memory management.

Recommendations For Qualcomm Snapdragon versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2017-18157

Affected Products

Snapdragon

Snapdragon Automobile

Snapdragon Mobile

Snapdragon Wear

PT-2019-8264 · Qualcomm · Snapdragon Automobile+3

CVE-2017-18157

Weakness Enumeration

Related Identifiers

Affected Products

References · 2