CVE: CVE-2020-3610

Descrizione: Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Vettore di attacco

Riferimenti esterni

• https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin

Prodotti interessati

• Qualcomm, Inc. – Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Relazioni con altri prodotti

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Mobile
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Auto
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Compute
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Consumer Electronics Connectivity
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Consumer IOT
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Industrial IOT
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Voice & Music
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Wearables
Anno: 2020
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2020)