Lucene search

K
cve[email protected]CVE-2022-33282
HistoryApr 13, 2023 - 7:15 a.m.

CVE-2022-33282

2023-04-1307:15:16
CWE-190
CWE-680
web.nvd.nist.gov
33
cve-2022-33282
memory corruption
automotive
multimedia
integer overflow
buffer overflow
ioctl
video playback
nvd

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.

Affected configurations

NVD
Node
qualcommmsm8996au_firmwareMatch-
AND
qualcommmsm8996auMatch-
Node
qualcommqam8295p_firmwareMatch-
AND
qualcommqam8295pMatch-
Node
qualcommqca6574a_firmwareMatch-
AND
qualcommqca6574aMatch-
Node
qualcommqca6574au_firmwareMatch-
AND
qualcommqca6574auMatch-
Node
qualcommqca6584au_firmwareMatch-
AND
qualcommqca6584auMatch-
Node
qualcommqca6595_firmwareMatch-
AND
qualcommqca6595Match-
Node
qualcommqca6595au_firmwareMatch-
AND
qualcommqca6595auMatch-
Node
qualcommqca6696_firmwareMatch-
AND
qualcommqca6696Match-
Node
qualcommsa6145p_firmwareMatch-
AND
qualcommsa6145pMatch-
Node
qualcommsa6150p_firmwareMatch-
AND
qualcommsa6150pMatch-
Node
qualcommsa6155_firmwareMatch-
AND
qualcommsa6155Match-
Node
qualcommsa6155p_firmwareMatch-
AND
qualcommsa6155pMatch-
Node
qualcommsa8145p_firmwareMatch-
AND
qualcommsa8145pMatch-
Node
qualcommsa8150p_firmwareMatch-
AND
qualcommsa8150pMatch-
Node
qualcommsa8155_firmwareMatch-
AND
qualcommsa8155Match-
Node
qualcommsa8155p_firmwareMatch-
AND
qualcommsa8155pMatch-
Node
qualcommsa8195p_firmwareMatch-
AND
qualcommsa8195pMatch-
Node
qualcommsa8295p_firmwareMatch-
AND
qualcommsa8295pMatch-
Node
qualcommsa8540p_firmwareMatch-
AND
qualcommsa8540pMatch-
Node
qualcommsa9000p_firmwareMatch-
AND
qualcommsa9000pMatch-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "MSM8996AU"
      },
      {
        "status": "affected",
        "version": "QAM8295P"
      },
      {
        "status": "affected",
        "version": "QCA6574A"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6584AU"
      },
      {
        "status": "affected",
        "version": "QCA6595"
      },
      {
        "status": "affected",
        "version": "QCA6595AU"
      },
      {
        "status": "affected",
        "version": "QCA6696"
      },
      {
        "status": "affected",
        "version": "SA6145P"
      },
      {
        "status": "affected",
        "version": "SA6150P"
      },
      {
        "status": "affected",
        "version": "SA6155"
      },
      {
        "status": "affected",
        "version": "SA6155P"
      },
      {
        "status": "affected",
        "version": "SA8145P"
      },
      {
        "status": "affected",
        "version": "SA8150P"
      },
      {
        "status": "affected",
        "version": "SA8155"
      },
      {
        "status": "affected",
        "version": "SA8155P"
      },
      {
        "status": "affected",
        "version": "SA8195P"
      },
      {
        "status": "affected",
        "version": "SA8295P"
      },
      {
        "status": "affected",
        "version": "SA8540P"
      },
      {
        "status": "affected",
        "version": "SA9000P"
      }
    ]
  }
]

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for CVE-2022-33282