CVE-2020-3610

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions APQ8009 through SM8250

Description The issue concerns a possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands, as there is no refcount taken for this object. This affects various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables.

Recommendations For Qualcomm Snapdragon versions APQ8009 through SM8250, at the moment, there is no information about a newer version that contains a fix for this vulnerability.