Lucene search

[email protected]CVE-2022-33304

HistoryMay 02, 2023 - 6:15 a.m.

CVE-2022-33304

2023-05-0206:15:09

CWE-476

[email protected]

web.nvd.nist.gov

cve-2022-33304

transient dos

null pointer dereference

modem

pullup

tcp

udp

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.3%

JSON

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

Affected configurations

NVD

Node

qualcomm9205_lte_modem_firmwareMatch-

AND

qualcomm9205_lte_modemMatch-

Node

qualcomm9206_lte_modem_firmwareMatch-

AND

qualcomm9206_lte_modemMatch-

Node

qualcomm9207_lte_modem_firmwareMatch-

AND

qualcomm9207_lte_modemMatch-

Node

qualcommar8031_firmwareMatch-

AND

qualcommar8031Match-

Node

qualcommcsra6620_firmwareMatch-

AND

qualcommcsra6620Match-

Node

qualcommcsra6640_firmwareMatch-

AND

qualcommcsra6640Match-

Node

qualcommwcn685x-5_firmwareMatch-

AND

qualcommwcn685x-5Match-

Node

qualcommwcn685x-1_firmwareMatch-

AND

qualcommwcn685x-1Match-

Node

qualcommwcn785x-1_firmwareMatch-

AND

qualcommwcn785x-1Match-

Node

qualcommwcn785x-5_firmwareMatch-

AND

qualcommwcn785x-5Match-

Node

qualcommqca-4020-0-217msp_firmwareMatch-

AND

qualcommqca-4020-0-217mspMatch-

Node

qualcommqca-4020-1-217msp_firmwareMatch-

AND

qualcommqca-4020-1-217mspMatch-

Node

qualcommqca-4024-0-68cmqfn_firmwareMatch-

AND

qualcommqca-4024-0-68cmqfnMatch-

Node

qualcommqca-4024-1-68cmqfn_firmwareMatch-

AND

qualcommqca-4024-1-68cmqfnMatch-

Node

qualcommmdm8207_firmwareMatch-

AND

qualcommmdm8207Match-

Node

qualcommqca4004_firmwareMatch-

AND

qualcommqca4004Match-

Node

qualcommqca4024_firmwareMatch-

AND

qualcommqca4024Match-

Node

qualcommqts110_firmwareMatch-

AND

qualcommqts110Match-

Node

qualcommqcs400_firmwareMatch-

AND

qualcommqcs400Match-

Node

qualcommsnapdragon_1100_wearable_platform_firmwareMatch-

AND

qualcommsnapdragon_1100_wearable_platformMatch-

Node

qualcommsnapdragon_1200_wearable_platform_firmwareMatch-

AND

qualcommsnapdragon_1200_wearable_platformMatch-

Node

qualcommsnapdragon_ar2_gen_1_platform_firmwareMatch-

AND

qualcommsnapdragon_ar2_gen_1_platformMatch-

Node

qualcommsnapdragon_wear_1300_platform_firmwareMatch-

AND

qualcommsnapdragon_wear_1300_platformMatch-

Node

qualcommsnapdragon_x5_lte_modem_firmwareMatch-

AND

qualcommsnapdragon_x5_lte_modemMatch-

Node

qualcommssg2115p_firmwareMatch-

AND

qualcommssg2115pMatch-

Node

qualcommssg2125p_firmwareMatch-

AND

qualcommssg2125pMatch-

Node

qualcommsxr1230p_firmwareMatch-

AND

qualcommsxr1230pMatch-

Node

qualcommsxr2230p_firmwareMatch-

AND

qualcommsxr2230pMatch-

Node

qualcommwcd9306_firmwareMatch-

AND

qualcommwcd9306Match-

Node

qualcommwcd9330_firmwareMatch-

AND

qualcommwcd9330Match-

Node

qualcommwcd9335_firmwareMatch-

AND

qualcommwcd9335Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3999_firmwareMatch-

AND

qualcommwcn3999Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8832_firmwareMatch-

AND

qualcommwsa8832Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:9205_lte_modem_firmwarequalcomm 9205 lte modem firmwareeq-

CPE	Name	Operator	Version
qualcomm:9205_lte_modem_firmware	qualcomm 9205 lte modem firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Compute",
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT",
      "Snapdragon Voice & Music"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "9205 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9206 LTE Modem"
      },
      {
        "status": "affected",
        "version": "9207 LTE Modem"
      },
      {
        "status": "affected",
        "version": "AR8031"
      },
      {
        "status": "affected",
        "version": "CSRA6620"
      },
      {
        "status": "affected",
        "version": "CSRA6640"
      },
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "Home Hub 100 Platform"
      },
      {
        "status": "affected",
        "version": "MDM8207"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QCA4024"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "Smart Audio 400 Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1100 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 1200 Wearable Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon AR2 Gen 1 Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon Wear 1300 Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon X5 LTE Modem"
      },
      {
        "status": "affected",
        "version": "SSG2115P"
      },
      {
        "status": "affected",
        "version": "SSG2125P"
      },
      {
        "status": "affected",
        "version": "SXR1230P"
      },
      {
        "status": "affected",
        "version": "SXR2230P"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      },
      {
        "status": "affected",
        "version": "WCD9330"
      },
      {
        "status": "affected",
        "version": "WCD9335"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WCN3980"
      },
      {
        "status": "affected",
        "version": "WCN3999"
      },
      {
        "status": "affected",
        "version": "WSA8810"
      },
      {
        "status": "affected",
        "version": "WSA8815"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8832"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.3%

JSON

Related for CVE-2022-33304

vulnrichment1 nvd1 prion1 cvelist1