CVE-2019-10583
HIGHQualcomm Snapdragon Firmware - Use-After-Free in Camera Sensor Direct Report Mode
Title source: llmDescription
Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Scores
CVSS v3
7.8
EPSS
0.0004
EPSS Percentile
11.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (16)
qualcomm/apq8096au_firmware
qualcomm/mdm9607_firmware
qualcomm/msm8909w_firmware
qualcomm/nicobar_firmware
qualcomm/qcs605_firmware
qualcomm/sa6155p_firmware
qualcomm/sda845_firmware
qualcomm/sdm429w_firmware
qualcomm/sdm670_firmware
qualcomm/sdm710_firmware
... and 6 more
Published
Jan 21, 2020
Tracked Since
Feb 18, 2026