Lucene search

[email protected]CVE-2022-33240

HistoryJun 06, 2023 - 8:15 a.m.

CVE-2022-33240

2023-06-0608:15:10

CWE-704

[email protected]

web.nvd.nist.gov

cve-2022-33240

memory corruption

audio

type cast

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Memory corruption in Audio due to incorrect type cast during audio use-cases.

Affected configurations

NVD

Node

qualcommqca6595_firmwareMatch-

AND

qualcommqca6595Match-

Node

qualcommqca6595au_firmwareMatch-

AND

qualcommqca6595auMatch-

Node

qualcommqca6696_firmwareMatch-

AND

qualcommqca6696Match-

Node

qualcommsa6150p_firmwareMatch-

AND

qualcommsa6150pMatch-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsa8145p_firmwareMatch-

AND

qualcommsa8145pMatch-

Node

qualcommsa8150p_firmwareMatch-

AND

qualcommsa8150pMatch-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

CPENameOperatorVersion
qualcomm:qca6595_firmwarequalcomm qca6595 firmwareeq-

CPE	Name	Operator	Version
qualcomm:qca6595_firmware	qualcomm qca6595 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QCA6595"
      },
      {
        "status": "affected",
        "version": "QCA6595AU"
      },
      {
        "status": "affected",
        "version": "QCA6696"
      },
      {
        "status": "affected",
        "version": "SA6150P"
      },
      {
        "status": "affected",
        "version": "SA6155P"
      },
      {
        "status": "affected",
        "version": "SA8145P"
      },
      {
        "status": "affected",
        "version": "SA8150P"
      },
      {
        "status": "affected",
        "version": "SA8155P"
      },
      {
        "status": "affected",
        "version": "SA8195P"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVE-2022-33240

prion1 cvelist1 nvd1