Lucene search

QualcommCVELIST:CVE-2022-25750

HistoryOct 17, 2022 - 12:00 a.m.

CVE-2022-25750

2022-10-1700:00:00

qualcomm

www.cve.org

memory corruption

bthost

music playback

bluetooth calls

snapdragon mobile

cve-2022-25750

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

26.4%

JSON

Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile

CNA Affected

[
  {
    "vendor": "Qualcomm, Inc.",
    "product": "Snapdragon Mobile",
    "versions": [
      {
        "version": "Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H",
        "status": "affected"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

26.4%

JSON

Related for CVELIST:CVE-2022-25750