Lucene search

[email protected]CVE-2022-40525

HistoryJun 06, 2023 - 8:15 a.m.

CVE-2022-40525

2023-06-0608:15:11

CWE-668

CWE-200

[email protected]

web.nvd.nist.gov

cve-2022-40525

information disclosure

linux networking firmware

unauthorized information leak

side channel analysis

nvd

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

Affected configurations

NVD

Node

qualcommcsr8811_firmwareMatch-

AND

qualcommcsr8811Match-

Node

qualcommipq6000_firmwareMatch-

AND

qualcommipq6000Match-

Node

qualcommipq6005_firmwareMatch-

AND

qualcommipq6005Match-

Node

qualcommipq6010_firmwareMatch-

AND

qualcommipq6010Match-

Node

qualcommipq6018_firmwareMatch-

AND

qualcommipq6018Match-

Node

qualcommipq6028_firmwareMatch-

AND

qualcommipq6028Match-

Node

qualcommipq9008_firmwareMatch-

AND

qualcommipq9008Match-

Node

qualcommipq9574_firmwareMatch-

AND

qualcommipq9574Match-

Node

qualcommqca4024_firmwareMatch-

AND

qualcommqca4024Match-

Node

qualcommqca8072_firmwareMatch-

AND

qualcommqca8072Match-

Node

qualcommqca8075_firmwareMatch-

AND

qualcommqca8075Match-

Node

qualcommqca8081_firmwareMatch-

AND

qualcommqca8081Match-

Node

qualcommqca8082_firmwareMatch-

AND

qualcommqca8082Match-

Node

qualcommqca8084_firmwareMatch-

AND

qualcommqca8084Match-

Node

qualcommqca8085_firmwareMatch-

AND

qualcommqca8085Match-

Node

qualcommqca8386_firmwareMatch-

AND

qualcommqca8386Match-

Node

qualcommqcn5021_firmwareMatch-

AND

qualcommqcn5021Match-

Node

qualcommqcn5022_firmwareMatch-

AND

qualcommqcn5022Match-

Node

qualcommqcn5052_firmwareMatch-

AND

qualcommqcn5052Match-

Node

qualcommqcn5121_firmwareMatch-

AND

qualcommqcn5121Match-

Node

qualcommqcn5122_firmwareMatch-

AND

qualcommqcn5122Match-

Node

qualcommqcn5152_firmwareMatch-

AND

qualcommqcn5152Match-

Node

qualcommqcn6023_firmwareMatch-

AND

qualcommqcn6023Match-

Node

qualcommqcn6024_firmwareMatch-

AND

qualcommqcn6024Match-

Node

qualcommqcn9000_firmwareMatch-

AND

qualcommqcn9000Match-

Node

qualcommqcn9022_firmwareMatch-

AND

qualcommqcn9022Match-

Node

qualcommqcn9024_firmwareMatch-

AND

qualcommqcn9024Match-

Node

qualcommqcn9070_firmwareMatch-

AND

qualcommqcn9070Match-

Node

qualcommqcn9072_firmwareMatch-

AND

qualcommqcn9072Match-

Node

qualcommqcn9074_firmwareMatch-

AND

qualcommqcn9074Match-

Node

qualcommqcn9274_firmwareMatch-

AND

qualcommqcn9274Match-

CPENameOperatorVersion
qualcomm:csr8811_firmwarequalcomm csr8811 firmwareeq-

CPE	Name	Operator	Version
qualcomm:csr8811_firmware	qualcomm csr8811 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Wired Infrastructure and Networking"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "CSR8811"
      },
      {
        "status": "affected",
        "version": "IPQ6000"
      },
      {
        "status": "affected",
        "version": "IPQ6005"
      },
      {
        "status": "affected",
        "version": "IPQ6010"
      },
      {
        "status": "affected",
        "version": "IPQ6018"
      },
      {
        "status": "affected",
        "version": "IPQ6028"
      },
      {
        "status": "affected",
        "version": "IPQ9008"
      },
      {
        "status": "affected",
        "version": "IPQ9574"
      },
      {
        "status": "affected",
        "version": "QCA4024"
      },
      {
        "status": "affected",
        "version": "QCA8072"
      },
      {
        "status": "affected",
        "version": "QCA8075"
      },
      {
        "status": "affected",
        "version": "QCA8081"
      },
      {
        "status": "affected",
        "version": "QCA8082"
      },
      {
        "status": "affected",
        "version": "QCA8084"
      },
      {
        "status": "affected",
        "version": "QCA8085"
      },
      {
        "status": "affected",
        "version": "QCA8386"
      },
      {
        "status": "affected",
        "version": "QCN5021"
      },
      {
        "status": "affected",
        "version": "QCN5022"
      },
      {
        "status": "affected",
        "version": "QCN5052"
      },
      {
        "status": "affected",
        "version": "QCN5121"
      },
      {
        "status": "affected",
        "version": "QCN5122"
      },
      {
        "status": "affected",
        "version": "QCN5152"
      },
      {
        "status": "affected",
        "version": "QCN6023"
      },
      {
        "status": "affected",
        "version": "QCN6024"
      },
      {
        "status": "affected",
        "version": "QCN9000"
      },
      {
        "status": "affected",
        "version": "QCN9022"
      },
      {
        "status": "affected",
        "version": "QCN9024"
      },
      {
        "status": "affected",
        "version": "QCN9070"
      },
      {
        "status": "affected",
        "version": "QCN9072"
      },
      {
        "status": "affected",
        "version": "QCN9074"
      },
      {
        "status": "affected",
        "version": "QCN9274"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for CVE-2022-40525

prion1 cvelist1 nvd1