CVE-2022-33291

nvd nist

Published: Apr 13, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

Affected (39)

Products: Qualcomm: 9205 Lte Modem Firmware, 9206 Lte Modem Firmware, 9207 Lte Modem Firmware, Ar8031 Firmware, Csra6620 Firmware, Csra6640 Firmware, Wcn3998 Firmware, Wcn685x 5 Firmware, Wcn685x 1 Firmware, Wcn785x 1 Firmware, Wcn785x 5 Firmware, Home Hub 100 Platform Firmware, Mdm8207 Firmware, Qca4004 Firmware, Qca4010 Firmware, Qca4024 Firmware, Qts110 Firmware, Qcs400 Firmware, Snapdragon 1100 Wearable Platform Firmware, Snapdragon 1200 Wearable Platform Firmware, Snapdragon Ar2 Gen 1 Platform Firmware, Snapdragon Wear 1300 Platform Firmware, Snapdragon X5 Lte Modem Firmware, Ssg2115p Firmware, Ssg2125p Firmware, Sxr1230p Firmware, Sxr2230p Firmware, Wcd9306 Firmware, Wcd9330 Firmware, Wcd9335 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wcn3980 Firmware, Wcn3999 Firmware, Wsa8810 Firmware, Wsa8815 Firmware, Wsa8830 Firmware, Wsa8832 Firmware, Wsa8835 Firmware

Qualcomm

39 products

9205 Lte Modem Firmware

9206 Lte Modem Firmware

9207 Lte Modem Firmware

Home Hub 100 Platform Firmware

Snapdragon 1100 Wearable Platform Firmware

Snapdragon 1200 Wearable Platform Firmware

Snapdragon Ar2 Gen 1 Platform Firmware

Snapdragon Wear 1300 Platform Firmware

Snapdragon X5 Lte Modem Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm 9205 Lte Modem Firmware	All versions

Running on/with	Platform Versions
Qualcomm 9205 Lte Modem	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm 9206 Lte Modem Firmware	All versions

Running on/with	Platform Versions
Qualcomm 9206 Lte Modem	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm 9207 Lte Modem Firmware	All versions

Running on/with	Platform Versions
Qualcomm 9207 Lte Modem	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8031 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8031	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Csra6620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Csra6620	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Csra6640 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Csra6640	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3998 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3998	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 5	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 1	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 1	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 5	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Home Hub 100 Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Home Hub 100 Platform	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm8207 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm8207	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca4004 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca4004	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca4010 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca4010	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca4024 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca4024	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qts110 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qts110	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs400 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs400	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 1100 Wearable Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 1100 Wearable Platform	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 1200 Wearable Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 1200 Wearable Platform	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Ar2 Gen 1 Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Ar2 Gen 1 Platform	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Wear 1300 Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Wear 1300 Platform	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X5 Lte Modem Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X5 Lte Modem	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ssg2115p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ssg2115p	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ssg2125p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ssg2125p	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr1230p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr1230p	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr2230p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr2230p	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9306 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9306	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9330 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9330	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9335 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9335	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3999 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3999	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8832 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8832	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-126

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.