Lucene search

[email protected]CVE-2022-22095

HistorySep 16, 2022 - 6:15 a.m.

CVE-2022-22095

2022-09-1606:15:10

CWE-416

[email protected]

web.nvd.nist.gov

cve-2022-22095

memory corruption

synx driver

use-after-free

snapdragon compute

snapdragon connectivity

snapdragon industrial iot

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.4%

JSON

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Affected configurations

NVD

Node

qualcommapq8053_firmwareMatch-

AND

qualcommapq8053Match-

Node

qualcommmsm8953_firmwareMatch-

AND

qualcommmsm8953Match-

Node

qualcommqca6390_firmwareMatch-

AND

qualcommqca6390Match-

Node

qualcommqca6391_firmwareMatch-

AND

qualcommqca6391Match-

Node

qualcommqca6426_firmwareMatch-

AND

qualcommqca6426Match-

Node

qualcommqca6436_firmwareMatch-

AND

qualcommqca6436Match-

Node

qualcommqcm2290_firmwareMatch-

AND

qualcommqcm2290Match-

Node

qualcommqcm4290_firmwareMatch-

AND

qualcommqcm4290Match-

Node

qualcommqcs2290_firmwareMatch-

AND

qualcommqcs2290Match-

Node

qualcommqcs4290_firmwareMatch-

AND

qualcommqcs4290Match-

Node

qualcommqrb5165_firmwareMatch-

AND

qualcommqrb5165Match-

Node

qualcommqrb5165m_firmwareMatch-

AND

qualcommqrb5165mMatch-

Node

qualcommqrb5165n_firmwareMatch-

AND

qualcommqrb5165nMatch-

Node

qualcommsd439_firmwareMatch-

AND

qualcommsd439Match-

Node

qualcommsd460_firmwareMatch-

AND

qualcommsd460Match-

Node

qualcommsd662_firmwareMatch-

AND

qualcommsd662Match-

Node

qualcommsd680_firmwareMatch-

AND

qualcommsd680Match-

Node

qualcommsd690_5g_firmwareMatch-

AND

qualcommsd690_5gMatch-

Node

qualcommsd750g_firmwareMatch-

AND

qualcommsd750gMatch-

Node

qualcommsd765_firmwareMatch-

AND

qualcommsd765Match-

Node

qualcommsd765g_firmwareMatch-

AND

qualcommsd765gMatch-

Node

qualcommsd768g_firmwareMatch-

AND

qualcommsd768gMatch-

Node

qualcommsd855_firmwareMatch-

AND

qualcommsd855Match-

Node

qualcommsd865_5g_firmwareMatch-

AND

qualcommsd865_5gMatch-

Node

qualcommsd870_firmwareMatch-

AND

qualcommsd870Match-

Node

qualcommsdx55_firmwareMatch-

AND

qualcommsdx55Match-

Node

qualcommsdx55m_firmwareMatch-

AND

qualcommsdx55mMatch-

Node

qualcommsdxr2_5g_firmwareMatch-

AND

qualcommsdxr2_5gMatch-

Node

qualcommsm4125_firmwareMatch-

AND

qualcommsm4125Match-

Node

qualcommsm7250p_firmwareMatch-

AND

qualcommsm7250pMatch-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9341_firmwareMatch-

AND

qualcommwcd9341Match-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn3615_firmwareMatch-

AND

qualcommwcn3615Match-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3910_firmwareMatch-

AND

qualcommwcn3910Match-

Node

qualcommwcn3950_firmwareMatch-

AND

qualcommwcn3950Match-

Node

qualcommwcn3988_firmwareMatch-

AND

qualcommwcn3988Match-

Node

qualcommwcn3991_firmwareMatch-

AND

qualcommwcn3991Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn6850_firmwareMatch-

AND

qualcommwcn6850Match-

Node

qualcommwcn6851_firmwareMatch-

AND

qualcommwcn6851Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:apq8053_firmwarequalcomm apq8053 firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8053_firmware	qualcomm apq8053 firmware	eq	-

CNA Affected

[
  {
    "product": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8053, MSM8953, QCA6390, QCA6391, QCA6426, QCA6436, QCM2290, QCM4290, QCS2290, QCS4290, QRB5165, QRB5165M, QRB5165N, SD439, SD460, SD662, SD680, SD690 5G, SD750G, SD765, SD765G, SD768G, SD855, SD865 5G, SD870, SDX55, SDX55M, SDXR2 5G, SM4125, SM7250P, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

Social References

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.4%

JSON

Related for CVE-2022-22095

nvd1 prion1 cvelist1 androidsecurity1