CVE-2022-22089

Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

19 Apr 2023, 17:10

Type	Values Removed	Values Added
CPE	cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:::::::*

20 Sep 2022, 13:09

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-190
CPE		cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8475_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx65:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:h:qualcomm:ar8035:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:ar8035_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wcn6856:-:::::::* cpe:2.3:h:qualcomm:sw5100p:-:::::::* cpe:2.3:h:qualcomm:wsa8832:-:::::::* cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:wcn6855:-:::::::* cpe:2.3:h:qualcomm:wcn3988:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::* cpe:2.3:h:qualcomm:qca8081:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:sw5100p_firmware:-:::::::* cpe:2.3:o:qualcomm:sw5100_firmware:-:::::::* cpe:2.3:h:qualcomm:sm7450:-:::::::* cpe:2.3:h:qualcomm:wcn7851:-:::::::* cpe:2.3:o:qualcomm:sm7450_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:h:qualcomm:sm8475p:-:::::::* cpe:2.3:o:qualcomm:wcn6750_firmware:-:::::::* cpe:2.3:h:qualcomm:sm8475:-:::::::* cpe:2.3:h:qualcomm:qca8337:-:::::::* cpe:2.3:o:qualcomm:qca8081_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:sw5100:-:::::::* cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:::::::* cpe:2.3:o:qualcomm:sm8475p_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn7851_firmware:-:::::::* cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6750:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:sdx65_firmware:-:::::::* cpe:2.3:o:qualcomm:qca8337_firmware:-:::::::*
References	~~(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin -~~	(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin - Vendor Advisory
First Time		Qualcomm wcn6856 Firmware Qualcomm wcd9375 Firmware Qualcomm wsa8830 Firmware Qualcomm sm7450 Firmware Qualcomm wsa8835 Firmware Qualcomm wcn3980 Qualcomm sm8475p Firmware Qualcomm sm7450 Qualcomm sw5100 Firmware Qualcomm qca8081 Qualcomm ar8035 Firmware Qualcomm wcn6856 Qualcomm Qualcomm wcn7851 Firmware Qualcomm wsa8830 Qualcomm wcd9370 Qualcomm sdx65 Firmware Qualcomm wcd9380 Firmware Qualcomm wcd9380 Qualcomm sd 8 Gen1 5g Firmware Qualcomm sw5100p Qualcomm qca8081 Firmware Qualcomm wcn6855 Firmware Qualcomm sm8475p Qualcomm sdx65 Qualcomm wcn6855 Qualcomm qca8337 Qualcomm wcd9385 Qualcomm wcn3980 Firmware Qualcomm wcn7851 Qualcomm sm8475 Firmware Qualcomm sd 8 Gen1 5g Qualcomm wcd9370 Firmware Qualcomm wcn6750 Qualcomm ar8035 Qualcomm wcn6750 Firmware Qualcomm wcn3988 Firmware Qualcomm qca8337 Firmware Qualcomm wcd9375 Qualcomm sw5100 Qualcomm wcn3988 Qualcomm wsa8832 Firmware Qualcomm sw5100p Firmware Qualcomm wcd9385 Firmware Qualcomm wsa8835 Qualcomm wsa8832 Qualcomm sm8475

16 Sep 2022, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-09-16 06:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-22089

Mitre link : CVE-2022-22089

CVE.ORG link : CVE-2022-22089

JSON object : View

Products Affected

qualcomm

wcn3980
wcn3988
wcd9380_firmware
wcn7851_firmware
wcd9375_firmware
sdx65_firmware
wcn3980_firmware
wcn6855_firmware
wcd9375
wsa8832_firmware
wsa8835
sm8475
sw5100p
wcd9385
qca8337_firmware
sm7450_firmware
wcn3988_firmware
sm8475p
wsa8830_firmware
ar8035
wcn6750_firmware
ar8035_firmware
wsa8830
sw5100p_firmware
sw5100_firmware
wcd9370_firmware
wsa8835_firmware
sdx65
wcd9370
wcd9380
wcn6855
wcn6856_firmware
wcn6750
sw5100
sd_8_gen1_5g_firmware
qca8081_firmware
qca8081
qca8337
sm7450
wcn7851
wcn6856
wsa8832
sm8475p_firmware
sm8475_firmware
wcd9385_firmware

CWE

CWE-190

Integer Overflow or Wraparound

7.8 /10