16 matches found
CVE-2022-33223
CVE-2022-33223 describes a transient Denial of Service in the Modem caused by a null pointer dereference while processing incoming packets using HTTP chunked encoding. The CVSS v3.1 vector (NETWORK, LOW AC, NONE PR, UI, S=U) yields a base score of 7.5 (HIGH). The vulnerability is associated with ...
CVE-2022-33294
CVE-2022-33294 affects Qualcomm modem software where a NULL pointer dereference during processing of an lwm2m registration/update/bootstrap response leads to a transient denial-of-service. The impact is a crash or service disruption on the modem; CVSSv3.1 base score 7.5 (Network, Low attack compl...
CVE-2022-33228
CVE-2022-33228 affects Qualcomm modem chipsets. The vulnerability is an information disclosure caused by a buffer over-read when the modem processes an IPv6 header containing hop-by-hop or destination options. Documented impact is Confidentiality High; other impacts (Integrity, Availability) are ...
CVE-2022-33222
CVE-2022-33222 is a vulnerability described across multiple sources as an information disclosure caused by a buffer over-read when parsing DNS response packets in a Modem. The effect is a confidentiality impact (high) with no integrity/availability impact per the primary NVD entry, though CVSS ve...
CVE-2022-33295
CVE-2022-33295 describes an information-disclosure issue in the Modem caused by a buffer over-read while parsing a wms message. Affected: Modem component; root cause is reading beyond the provided buffer length, impacting confidentiality. No explicit exploited details or fixes are stated in the c...
CVE-2022-25730
CVE-2022-25730 affects modem/Qualcomm chipsets due to an improper IP type check while processing DNS server queries, causing information disclosure. Root cause: erroneous handling of IP type in DNS processing. Impact per sources: confidentiality leakage; exploitability is network-based with low c...
CVE-2022-25739
The CVE-2022-25739 entry describes a Denial of Service in a modem due to a missing null check when processing an IPv6 packet during an ECM call. Multiple sources (NVD, Red Hat, CNNVD, PRION, etc.) associate this with Qualcomm chipsets/modems, with a CVSS v3.1 base score of 7.5 (Network, Low/No Pr...
CVE-2022-25678
CVE-2022-25678 relates to memory corruption in Qualcomm modem chipsets caused by a buffer overwrite during a CoAP connection. The vulnerability’s root cause is a buffer overwrite in the modem, with impact described as memory correction. Affects Qualcomm chipsets’ modems; CVSS v3.1 base score 9.8 ...
CVE-2022-25740
CVE-2022-25740 affects Qualcomm modem firmware/chipsets. The issue is described as memory corruption caused by a buffer overwrite when building an IPv6 multicast address from the interface MAC. CVSS 3.1 base score 9.8 (Network, Low attack complexity, No privileges, No user interaction; impact to ...
CVE-2022-25726
CVE-2022-25726 concerns information disclosure in Qualcomm modem data due to an array out-of-bounds access while handling the incoming DNS response packet. Affected component is Qualcomm chipsets/controllers with modem functionality; root cause described as improper bounds/length handling during ...
CVE-2022-25731
CVE-2022-25731 concerns information disclosure in a modem component due to a buffer over-read while processing DNS server packets. The connected sources indicate the issue affects Qualcomm modem/chipset implementations (root cause described as incorrect buffer size calculation in the MODEM). Impa...
CVE-2022-25737
CVE-2022-25737 affects the modem component and is caused by a missing NULL check when reading packets from the local network, leading to information disclosure with High confidentiality impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Multiple connected sources (NVD, Red Hat, PRION, CNNVD...
CVE-2022-33258
CVE-2022-33258 affects Qualcomm modem firmware; the vulnerability is an information disclosure caused by a buffer over-read when reading configuration parameters in the modem. Documented in multiple sources as a buffer over-read leading to leakage of data; exploitation status is not detailed in t...
CVE-2022-33211
CVE-2022-33211 affects Qualcomm modem/chipset components. Root cause: memory corruption due to an improper check when calculating the size of a serialized CoAP message. CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, and high impact on ...
CVE-2022-25747
CVE-2022-25747 affects Qualcomm modem chipsets. The vulnerability is caused by improper input validation during parsing of upcoming CoAP messages, leading to information disclosure. Reported impact indicates high confidentiality impact (C:H/I:N/A:N) with network attack vector and low attack compl...
CVE-2022-33259
CVE-2022-33259 relates to memory corruption caused by a buffer copy without input size validation in a modem when decoding raw SMS. The vulnerability is described across multiple sources as affecting Qualcomm chipsets/modems, with a CVSS v3.1 base score of 9.8 (NETWORK, LOW complexity, no privile...