CVE-2022-40538

nvd nist

Published: Jun 6, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

Affected (13)

Products: Qualcomm: Ar8035 Firmware, Wcn685x 5 Firmware, Wcn685x 1 Firmware, Wcn785x 1 Firmware, Wcn785x 5 Firmware, Qca8081 Firmware, Qca8337 Firmware, Qcn6024 Firmware, Qcn9024 Firmware, Qcs8550 Firmware, Snapdragon X65 5g Modem Rf System Firmware, Snapdragon X70 Modem Rf System Firmware, Wcd9380 Firmware

13 products

Snapdragon X65 5g Modem Rf System Firmware

Snapdragon X70 Modem Rf System Firmware

Wcd9380 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 5	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 1	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 1	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 5	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8081 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8081	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6024 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6024	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn9024 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn9024	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs8550 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs8550	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X65 5g Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X65 5g Modem Rf System	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X70 Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X70 Modem Rf System	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Related CWEs

CWE-617

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.