← Back

CVE-2022-40540

nvd nist
Published: Mar 10, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.

Affected (16)

Qualcomm
16 products
Sd 8 Gen1 5g Firmware
Sd888 5g Firmware
Sw5100 Firmware
Sw5100p Firmware
Wcd9380 Firmware
Wcd9385 Firmware
Wcn3980 Firmware
Wcn3988 Firmware
Wcn6850 Firmware
Wcn6851 Firmware
Wcn6855 Firmware
Wcn6856 Firmware
Wcn7850 Firmware
Wcn7851 Firmware
Wsa8830 Firmware
Wsa8835 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sd 8 Gen1 5g Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8475
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sd888 5g Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sd888 5g
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sw5100 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sw5100
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sw5100p Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sw5100p
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcd9380 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcd9380
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcd9385 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcd9385
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn3980 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn3980
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn3988 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn3988
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn6850 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn6850
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn6851 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn6851
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn6855 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn6855
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn6856 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn6856
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn7850 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn7850
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wcn7851 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wcn7851
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wsa8830 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wsa8830
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wsa8835 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Wsa8835
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

Source: product-security@qualcomm.com
Source: product-security@qualcomm.com
Source: product-security@qualcomm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.