CVSS: 9.8EPSS: 0%CPEs: 26EXPL: 0CVE-2019-10565 – Google Android v4l2 Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-10565
Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130 Un problema de doble liberación puede presentarse cuando la configuración de alimentación del sensor es liberada por parte de un hilo o subproceso mientras otro hilo intenta acceder. En los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables en las versiones APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130. This vulnerability allows local attackers to escalate privileges on affected installations of Google Android. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the v4l2 driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin • CWE-415: Double Free •
CVSS: 10.0EPSS: 0%CPEs: 88EXPL: 0CVE-2019-2327
https://notcve.org/view.php?id=CVE-2019-2327
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 Un posible desbordamiento del búfer puede ocurrir cuando se reproduce un clip con un tamaño de elemento incorrecto en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables en las versiones MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •