CVE-2019-10602

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCS605, SDA660, SDM845, SDX20, SM8150

Description The issue is related to a potential use-after-free heap error during Validate/Present calls on display HW composer in various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Wearables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.