CVE-2019-2266

HIGH

Possible double free issue in kernel - Memory Corruption

Title source: llm

Description

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150

References (1)

[Patch, Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (16)

qualcomm/apq8053_firmware

qualcomm/ipq4019_firmware

qualcomm/ipq8064_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9207c_firmware

qualcomm/mdm9607_firmware

qualcomm/msm8909_firmware

qualcomm/msm8909w_firmware

qualcomm/nicobar_firmware

qualcomm/qca9980_firmware

qualcomm/qcs405_firmware

qualcomm/qcs605_firmware

qualcomm/sdm845_firmware

qualcomm/sdx24_firmware

qualcomm/sm7150_firmware

... and 1 more

Timeline

Published Nov 21, 2019

Tracked Since Feb 18, 2026