Description
When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MSM8909W, Nicobar, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDM429W, SDX55, SM8150, SM8250, SXR2130
References (2)
Core 2
Core References
Patch, Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin
Broken Link x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin
Scores
CVSS v3
7.8
EPSS
0.0004
EPSS Percentile
13.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (13)
qualcomm/mdm9607_firmware
qualcomm/msm8909w_firmware
qualcomm/nicobar_firmware
qualcomm/qcm2150_firmware
qualcomm/qcs405_firmware
qualcomm/qcs605_firmware
qualcomm/saipan_firmware
qualcomm/sc8180x_firmware
qualcomm/sdm429w_firmware
qualcomm/sdx55_firmware
... and 3 more
Published
Jul 30, 2020
Tracked Since
Feb 18, 2026