CVE-2019-10561

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions APQ8009 through SDM660

Description The issue is caused by improper initialization of local variables that are parameters to the sfs api, which may lead to invalid pointer dereference and denial of service. This affects various Qualcomm Snapdragon products, including Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, and Wired Infrastructure and Networking.

Recommendations For Qualcomm Snapdragon versions APQ8009 through SDM660, consider disabling the sfs api until a patch is available to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.