CVE-2022-25654

Published: Sep 16, 2022Modified: Nov 21, 2024

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Affected (21)

Products: Qualcomm: Apq8096au Firmware, Mdm9650 Firmware, Qca6174a Firmware, Qca6574au Firmware, Qcs603 Firmware, Qcs605 Firmware, Qualcomm215 Firmware, Sd429 Firmware, Sd820 Firmware, Sdm429w Firmware, Wcd9326 Firmware, Wcd9335 Firmware, Wcd9341 Firmware, Wcn3615 Firmware, Wcn3620 Firmware, Wcn3660b Firmware, Wcn3680 Firmware, Wcn3980 Firmware, Wcn3990 Firmware, Wsa8810 Firmware, Wsa8815 Firmware

Qualcomm

21 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8096au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8096au	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9650	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6174a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6174a	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs603 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs603	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs605 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs605	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qualcomm215 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qualcomm215	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd429 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd429	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd820 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd820	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm429w Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm429w	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9326 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9326	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9335 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9335	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3615 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3615	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3620	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3660b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3660b	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3680 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3680	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3990 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3990	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

Source: product-security@qualcomm.com

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.