Lucene search

K
cve[email protected]CVE-2022-33292
HistoryMay 02, 2023 - 6:15 a.m.

CVE-2022-33292

2023-05-0206:15:09
CWE-416
web.nvd.nist.gov
32
cve-2022-33292
memory corruption
qualcomm ipc
use after free
security vulnerability
nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.

Affected configurations

NVD
Node
qualcommsg4150p_firmwareMatch-
AND
qualcommsg4150pMatch-
Node
qualcommsm6225_firmwareMatch-
AND
qualcommsm6225Match-
Node
qualcommsm6225-ad_firmwareMatch-
AND
qualcommsm6225-adMatch-
Node
qualcommwcd9370_firmwareMatch-
AND
qualcommwcd9370Match-
Node
qualcommwcd9375_firmwareMatch-
AND
qualcommwcd9375Match-
Node
qualcommwcn3950_firmwareMatch-
AND
qualcommwcn3950Match-
Node
qualcommwcn3988_firmwareMatch-
AND
qualcommwcn3988Match-
Node
qualcommwsa8810_firmwareMatch-
AND
qualcommwsa8810Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Compute",
      "Snapdragon Mobile"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "SG4150P"
      },
      {
        "status": "affected",
        "version": "Snapdragon 680 4G Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
      },
      {
        "status": "affected",
        "version": "WCD9370"
      },
      {
        "status": "affected",
        "version": "WCD9375"
      },
      {
        "status": "affected",
        "version": "WCN3950"
      },
      {
        "status": "affected",
        "version": "WCN3988"
      },
      {
        "status": "affected",
        "version": "WSA8810"
      }
    ]
  }
]

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for CVE-2022-33292