Lucene search

[email protected]CVE-2022-22105

HistorySep 16, 2022 - 6:15 a.m.

CVE-2022-22105

2022-09-1606:15:10

CWE-190

[email protected]

web.nvd.nist.gov

cve-2022-22105

memory corruption

bluetooth

integer overflow

hfp-unit profile

snapdragon auto

snapdragon consumer iot

snapdragon mobile

snapdragon voice & music

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.3%

JSON

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

Affected configurations

NVD

Node

qualcommapq8009_firmwareMatch-

AND

qualcommapq8009Match-

Node

qualcommapq8017_firmwareMatch-

AND

qualcommapq8017Match-

Node

qualcommapq8053_firmwareMatch-

AND

qualcommapq8053Match-

Node

qualcommapq8096au_firmwareMatch-

AND

qualcommapq8096auMatch-

Node

qualcommar8031_firmwareMatch-

AND

qualcommar8031Match-

Node

qualcommcsra6620_firmwareMatch-

AND

qualcommcsra6620Match-

Node

qualcommcsra6640_firmwareMatch-

AND

qualcommcsra6640Match-

Node

qualcommcsrb31024_firmwareMatch-

AND

qualcommcsrb31024Match-

Node

qualcommmdm9150_firmwareMatch-

AND

qualcommmdm9150Match-

Node

qualcommmdm9250_firmwareMatch-

AND

qualcommmdm9250Match-

Node

qualcommmdm9607_firmwareMatch-

AND

qualcommmdm9607Match-

Node

qualcommmdm9626_firmwareMatch-

AND

qualcommmdm9626Match-

Node

qualcommmdm9628_firmwareMatch-

AND

qualcommmdm9628Match-

Node

qualcommmdm9640_firmwareMatch-

AND

qualcommmdm9640Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommqca4020_firmwareMatch-

AND

qualcommqca4020Match-

Node

qualcommqca6174a_firmwareMatch-

AND

qualcommqca6174aMatch-

Node

qualcommqca6564a_firmwareMatch-

AND

qualcommqca6564aMatch-

Node

qualcommqca6564au_firmwareMatch-

AND

qualcommqca6564auMatch-

Node

qualcommqca6574_firmwareMatch-

AND

qualcommqca6574Match-

Node

qualcommqca6574a_firmwareMatch-

AND

qualcommqca6574aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca6584_firmwareMatch-

AND

qualcommqca6584Match-

Node

qualcommqca6595_firmwareMatch-

AND

qualcommqca6595Match-

Node

qualcommqca6595au_firmwareMatch-

AND

qualcommqca6595auMatch-

Node

qualcommqca6696_firmwareMatch-

AND

qualcommqca6696Match-

Node

qualcommqca9367_firmwareMatch-

AND

qualcommqca9367Match-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommqca9379_firmwareMatch-

AND

qualcommqca9379Match-

Node

qualcommqcs405_firmwareMatch-

AND

qualcommqcs405Match-

Node

qualcommsa415m_firmwareMatch-

AND

qualcommsa415mMatch-

Node

qualcommsa515m_firmwareMatch-

AND

qualcommsa515mMatch-

Node

qualcommsa6155_firmwareMatch-

AND

qualcommsa6155Match-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsa8155_firmwareMatch-

AND

qualcommsa8155Match-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

Node

qualcommsdx20_firmwareMatch-

AND

qualcommsdx20Match-

Node

qualcommsdx55_firmwareMatch-

AND

qualcommsdx55Match-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9335_firmwareMatch-

AND

qualcommwcd9335Match-

Node

qualcommwcd9360_firmwareMatch-

AND

qualcommwcd9360Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3615_firmwareMatch-

AND

qualcommwcn3615Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn3999_firmwareMatch-

AND

qualcommwcn3999Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

CPENameOperatorVersion
qualcomm:apq8009_firmwarequalcomm apq8009 firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8009_firmware	qualcomm apq8009 firmware	eq	-

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009, APQ8017, APQ8053, APQ8096AU, AR8031, CSRA6620, CSRA6640, CSRB31024, MDM9150, MDM9250, MDM9607, MDM9626, MDM9628, MDM9640, MDM9650, QCA4020, QCA6174A, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6595, QCA6595AU, QCA6696, QCA9367, QCA9377, QCA9379, QCS405, SA415M, SA515M, SA6155, SA6155P, SA8155, SA8155P, SA8195P, SDX20, SDX55, WCD9326, WCD9335, WCD9360, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3980, WCN3998, WCN3999, WSA8810, WSA8815"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.3%

JSON

Related for CVE-2022-22105

cvelist1 nvd1 prion1