Double Free

CVE-2018-11838

High

7.2/10

Summary

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

CWE-415 - Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References

Advisory Timeline

Published Mar 05, 2020

Double Free

CVE-2018-11838

Summary

CWE-415 - Double Free

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS