CVE-2018-5891

HIGH

Snapdragon Mobile/Snapdragon Wear - Use After Free

Title source: llm

Description

While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in Snapdragon Mobile and Snapdragon Wear.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins

Scores

CVSS v3 8.4

EPSS 0.0009

EPSS Percentile 26.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-416

Status published

Products (15)

qualcomm/msm8909w_firmware

qualcomm/msm8996au_firmware

qualcomm/sd_205_firmware

qualcomm/sd_210_firmware

qualcomm/sd_212_firmware

qualcomm/sd_415_firmware

qualcomm/sd_450_firmware

qualcomm/sd_615_firmware

qualcomm/sd_616_firmware

qualcomm/sd_625_firmware

... and 5 more

Published Jul 06, 2018

Tracked Since Feb 18, 2026