CVE-2018-11947

MEDIUM

Snapdragon Auto - Use After Free

Title source: llm

Description

The txrx stats req might be double freed in the pdev detach when the host driver is unloading in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8064, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

References (1)

[Patch, Third Party Advisory] https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin

Scores

CVSS v3 5.5

EPSS 0.0004

EPSS Percentile 13.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-415

Status published

Affected Products (42)

qualcomm/ipq8064_firmware

qualcomm/mdm9150_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9607_firmware

qualcomm/mdm9640_firmware

qualcomm/mdm9650_firmware

qualcomm/msm8996au_firmware

qualcomm/qca6174a_firmware

qualcomm/qca6574au_firmware

qualcomm/qca9377_firmware

qualcomm/qca9379_firmware

qualcomm/qca9558_firmware

qualcomm/qca9880_firmware

qualcomm/qca9886_firmware

qualcomm/qca9980_firmware

... and 27 more

Timeline

Published Jun 14, 2019

Tracked Since Feb 18, 2026