Lucene search

QualcommCVE-2022-25723

HistoryOct 19, 2022 - 11:15 a.m.

CVE-2022-25723

2022-10-1911:15:10

CWE-416

qualcomm

web.nvd.nist.gov

cve-2022-25723

memory corruption

multimedia

snapdragon mobile

nvd

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile

Affected configurations

Nvd

Node

qualcommsd_8_gen1_5g_firmwareMatch-

AND

qualcommsm8475Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwcn7850_firmwareMatch-

AND

qualcommwcn7850Match-

Node

qualcommwcn7851_firmwareMatch-

AND

qualcommwcn7851Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

VendorProductVersionCPE
qualcommsd_8_gen1_5g_firmware-cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
qualcommsm8475-cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*
qualcommwcd9380_firmware-cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
qualcommwcd9380-cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
qualcommwcn6855_firmware-cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
qualcommwcn6855-cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*
qualcommwcn6856_firmware-cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
qualcommwcn6856-cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*
qualcommwcn7850_firmware-cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
qualcommwcn7850-cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	sd_8_gen1_5g_firmware	-	cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::*
qualcomm	sm8475	-	cpe:2.3:h:qualcomm:sm8475:-:::::::*
qualcomm	wcd9380_firmware	-	cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9380	-	cpe:2.3:h:qualcomm:wcd9380:-:::::::*
qualcomm	wcn6855_firmware	-	cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::*
qualcomm	wcn6855	-	cpe:2.3:h:qualcomm:wcn6855:-:::::::*
qualcomm	wcn6856_firmware	-	cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::*
qualcomm	wcn6856	-	cpe:2.3:h:qualcomm:wcn6856:-:::::::*
qualcomm	wcn7850_firmware	-	cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::*
qualcomm	wcn7850	-	cpe:2.3:h:qualcomm:wcn7850:-:::::::*

Rows per page:

1-10 of 161

CNA Affected

[
  {
    "vendor": "Qualcomm, Inc.",
    "product": "Snapdragon Mobile",
    "versions": [
      {
        "version": "SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835",
        "status": "affected"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

Social References

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for CVE-2022-25723