Lucene search

[email protected]CVE-2022-22079

HistoryJan 09, 2023 - 8:15 a.m.

CVE-2022-22079

2023-01-0908:15:11

CWE-125

[email protected]

web.nvd.nist.gov

nvd

cve-2022-22079

denial of service

buffer over read

fastboot

mmc

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.3%

JSON

Denial of service while processing fastboot flash command on mmc due to buffer over read

Affected configurations

NVD

Node

qualcommapq8009_firmwareMatch-

AND

qualcommapq8009Match-

Node

qualcommapq8009w_firmwareMatch-

AND

qualcommapq8009wMatch-

Node

qualcommapq8064au_firmwareMatch-

AND

qualcommapq8064auMatch-

Node

qualcommapq8096au_firmwareMatch-

AND

qualcommapq8096auMatch-

Node

qualcommmdm9150_firmwareMatch-

AND

qualcommmdm9150Match-

Node

qualcommmdm9250_firmwareMatch-

AND

qualcommmdm9250Match-

Node

qualcommmdm9628_firmwareMatch-

AND

qualcommmdm9628Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommmsm8108_firmwareMatch-

AND

qualcommmsm8108Match-

Node

qualcommmsm8208_firmwareMatch-

AND

qualcommmsm8208Match-

Node

qualcommmsm8209_firmwareMatch-

AND

qualcommmsm8209Match-

Node

qualcommmsm8608_firmwareMatch-

AND

qualcommmsm8608Match-

Node

qualcommmsm8909w_firmwareMatch-

AND

qualcommmsm8909wMatch-

Node

qualcommmsm8996au_firmwareMatch-

AND

qualcommmsm8996auMatch-

Node

qualcommqca4020_firmwareMatch-

AND

qualcommqca4020Match-

Node

qualcommqca6174a_firmwareMatch-

AND

qualcommqca6174aMatch-

Node

qualcommqca6564a_firmwareMatch-

AND

qualcommqca6564aMatch-

Node

qualcommqca6564au_firmwareMatch-

AND

qualcommqca6564auMatch-

Node

qualcommqca6574_firmwareMatch-

AND

qualcommqca6574Match-

Node

qualcommqca6574a_firmwareMatch-

AND

qualcommqca6574aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca6584au_firmwareMatch-

AND

qualcommqca6584auMatch-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommqca9379_firmwareMatch-

AND

qualcommqca9379Match-

Node

qualcommqualcomm215_firmwareMatch-

AND

qualcommqualcomm215Match-

Node

qualcommsd210_firmwareMatch-

AND

qualcommsd210Match-

Node

qualcommsd429_firmwareMatch-

AND

qualcommsd429Match-

Node

qualcommsd625_firmwareMatch-

AND

qualcommsd625Match-

Node

qualcommsd626_firmwareMatch-

AND

qualcommsd626Match-

Node

qualcommsd835_firmwareMatch-

AND

qualcommsd835Match-

Node

qualcommsda429w_firmwareMatch-

AND

qualcommsda429wMatch-

Node

qualcommsdm429w_firmwareMatch-

AND

qualcommsdm429wMatch-

Node

qualcommsdw2500_firmwareMatch-

AND

qualcommsdw2500Match-

Node

qualcommsdx20_firmwareMatch-

AND

qualcommsdx20Match-

Node

qualcommsdx20m_firmwareMatch-

AND

qualcommsdx20mMatch-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9335_firmwareMatch-

AND

qualcommwcd9335Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3615_firmwareMatch-

AND

qualcommwcn3615Match-

Node

qualcommwcn3620_firmwareMatch-

AND

qualcommwcn3620Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680_firmwareMatch-

AND

qualcommwcn3680Match-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3990_firmwareMatch-

AND

qualcommwcn3990Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

CPENameOperatorVersion
qualcomm:apq8009_firmwarequalcomm apq8009 firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8009_firmware	qualcomm apq8009 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile",
      "Snapdragon Wearables"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009"
      },
      {
        "status": "affected",
        "version": "APQ8009W"
      },
      {
        "status": "affected",
        "version": "APQ8064AU"
      },
      {
        "status": "affected",
        "version": "APQ8096AU"
      },
      {
        "status": "affected",
        "version": "MDM9150"
      },
      {
        "status": "affected",
        "version": "MDM9250"
      },
      {
        "status": "affected",
        "version": "MDM9628"
      },
      {
        "status": "affected",
        "version": "MDM9650"
      },
      {
        "status": "affected",
        "version": "MSM8108"
      },
      {
        "status": "affected",
        "version": "MSM8208"
      },
      {
        "status": "affected",
        "version": "MSM8209"
      },
      {
        "status": "affected",
        "version": "MSM8608"
      },
      {
        "status": "affected",
        "version": "MSM8909W"
      },
      {
        "status": "affected",
        "version": "MSM8996AU"
      },
      {
        "status": "affected",
        "version": "QCA4020"
      },
      {
        "status": "affected",
        "version": "QCA6174A"
      },
      {
        "status": "affected",
        "version": "QCA6564A"
      },
      {
        "status": "affected",
        "version": "QCA6564AU"
      },
      {
        "status": "affected",
        "version": "QCA6574"
      },
      {
        "status": "affected",
        "version": "QCA6574A"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6584AU"
      },
      {
        "status": "affected",
        "version": "QCA9377"
      },
      {
        "status": "affected",
        "version": "QCA9379"
      },
      {
        "status": "affected",
        "version": "Qualcomm215"
      },
      {
        "status": "affected",
        "version": "SD210"
      },
      {
        "status": "affected",
        "version": "SD429"
      },
      {
        "status": "affected",
        "version": "SD625"
      },
      {
        "status": "affected",
        "version": "SD626"
      },
      {
        "status": "affected",
        "version": "SD835"
      },
      {
        "status": "affected",
        "version": "SDA429W"
      },
      {
        "status": "affected",
        "version": "SDM429W"
      },
      {
        "status": "affected",
        "version": "SDW2500"
      },
      {
        "status": "affected",
        "version": "SDX20"
      },
      {
        "status": "affected",
        "version": "SDX20M"
      },
      {
        "status": "affected",
        "version": "WCD9326"
      },
      {
        "status": "affected",
        "version": "WCD9335"
      },
      {
        "status": "affected",
        "version": "WCN3610"
      },
      {
        "status": "affected",
        "version": "WCN3615"
      },
      {
        "status": "affected",
        "version": "WCN3620"
      },
      {
        "status": "affected",
        "version": "WCN3660B"
      },
      {
        "status": "affected",
        "version": "WCN3680"
      },
      {
        "status": "affected",
        "version": "WCN3680B"
      },
      {
        "status": "affected",
        "version": "WCN3980"
      },
      {
        "status": "affected",
        "version": "WCN3990"
      },
      {
        "status": "affected",
        "version": "WSA8815"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.3%

JSON

Related for CVE-2022-22079

cvelist1 prion1 nvd1