CVE-2022-33297

Published: Apr 13, 2023Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Information disclosure due to buffer overread in Linux sensors

Affected (10)

Products: Qualcomm: Qca6310 Firmware, Qca6320 Firmware, Sd835 Firmware, Snapdragon 835 Mobile Platform Firmware, Wcd9335 Firmware, Wcd9340 Firmware, Wcd9341 Firmware, Wcn3990 Firmware, Wsa8810 Firmware, Wsa8815 Firmware

10 products

Qca6310 Firmware

Qca6320 Firmware

Snapdragon 835 Mobile Platform Firmware

Wcd9335 Firmware

Wcd9340 Firmware

Wcd9341 Firmware

Wcn3990 Firmware

Wsa8810 Firmware

Wsa8815 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6310 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6310	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6320 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6320	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd835	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 835 Mobile Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 835 Mobile Platform	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9335 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9335	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3990 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3990	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.