ID
VAR-201909-1454
CVE
CVE-2019-10509
TITLE
plural Snapdragon Vulnerability in using freed memory in products
Trust: 0.8
DESCRIPTION
Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016. plural Snapdragon The product contains a vulnerability related to the use of released memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8996AU is a central processing unit (CPU) product of Qualcomm (Qualcomm). A resource management error vulnerability exists in several Qualcomm products. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products
Trust: 1.71
AFFECTED PRODUCTS
| vendor: | qualcomm | model: | sd 632 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | msm8996au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs405 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 427 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qcs605 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sda660 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 835 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 710 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 425 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 675 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 429 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 820a | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | snapdragon high med 2016 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 730 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 850 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdm630 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdm660 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6574au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 845 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 820 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 450 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sdm439 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | msm8909w | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 670 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 439 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 435 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 855 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 430 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 665 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 712 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 636 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 625 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | msm8909w | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | msm8996au | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | qca6574au | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | qcs405 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | qcs605 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 425 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 427 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 430 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 435 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 439 | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-416 | Trust: 1.9 |
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | August 2019 Code Aurora Security Bulletin | url: | https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin | Trust: 0.8 |
| title: | Android Qualcomm BTHOST Fixes for component security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96179 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-10509 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2019-010015 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201908-442 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-142062 | Trust: 0.1 |
REFERENCES
| url: | https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-10509 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10509 | Trust: 0.8 |
| url: | https://source.android.com/security/bulletin/2019-08-01.html | Trust: 0.6 |
| url: | https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-august-2019-29951 | Trust: 0.6 |
SOURCES
| db: | VULHUB | id: | VHN-142062 |
| db: | JVNDB | id: | JVNDB-2019-010015 |
| db: | CNNVD | id: | CNNVD-201908-442 |
| db: | NVD | id: | CVE-2019-10509 |
LAST UPDATE DATE
2024-11-23T22:05:59.689000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-142062 | date: | 2019-10-02T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-010015 | date: | 2019-10-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-442 | date: | 2020-07-28T00:00:00 |
| db: | NVD | id: | CVE-2019-10509 | date: | 2024-11-21T04:19:19.243 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-142062 | date: | 2019-09-30T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-010015 | date: | 2019-10-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-442 | date: | 2019-08-06T00:00:00 |
| db: | NVD | id: | CVE-2019-10509 | date: | 2019-09-30T16:15:10.870 |