CVE-2022-33225

nvd nist

Published: Feb 12, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Memory corruption due to use after free in trusted application environment.

Affected (29)

Products: Qualcomm: Apq8096au Firmware, Mdm9628 Firmware, Msm8996au Firmware, Qca6390 Firmware, Qca6391 Firmware, Qca6426 Firmware, Qca6436 Firmware, Qca6564a Firmware, Qca6564au Firmware, Qca6574a Firmware, Qca6574au Firmware, Qualcomm215 Firmware, Sd205 Firmware, Sd210 Firmware, Sd429 Firmware, Sd865 5g Firmware, Sd870 Firmware, Sdm429w Firmware, Sdx55m Firmware, Sdxr2 5g Firmware, Wcd9340 Firmware, Wcd9380 Firmware, Wcn3610 Firmware, Wcn3620 Firmware, Wcn3660b Firmware, Wcn6850 Firmware, Wcn6851 Firmware, Wsa8810 Firmware, Wsa8815 Firmware

29 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8096au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8096au	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9628 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9628	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8996au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8996au	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6390 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6390	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6391 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6391	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6426 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6426	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6436 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6436	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6564a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6564a	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6564au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6564au	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574a	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qualcomm215 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qualcomm215	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd205 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd205	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd210 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd210	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd429 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd429	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd865 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd865 5g	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd870 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd870	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm429w Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm429w	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55m Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55m	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdxr2 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdxr2 5g	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3610 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3610	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3620	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3660b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3660b	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6850	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6851 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6851	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Source: product-security@qualcomm.com

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.