CVE-2019-10548

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130

Description A Heap use-after-free issue can occur while trying to obtain datad ipc handle during DPL initialization if modem SSR occurs at the same time in various Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, and Snapdragon Wearables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.