CVE-2022-40540

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-40540
Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://bugzilla.suse.com/show_bug.cgi?id=1209597
https://security.netapp.com/advisory/ntap-20230616-0001/
https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
History

25 Mar 2024, 05:15

Type Values Removed Values Added
References
  • () https://bugzilla.suse.com/show_bug.cgi?id=1209597 -

16 Jun 2023, 15:15

Type Values Removed Values Added
References
  • (MISC) https://security.netapp.com/advisory/ntap-20230616-0001/ -

19 Apr 2023, 17:10

Type Values Removed Values Added
First Time Qualcomm sm8475
CPE cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

16 Mar 2023, 16:09

Type Values Removed Values Added
CPE cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*
First Time Qualcomm wcn6850
Qualcomm wcn6851
Qualcomm wcn6851 Firmware
Qualcomm wsa8830 Firmware
Qualcomm wcn7850
Qualcomm wsa8835
Qualcomm
Qualcomm wcn7851
Qualcomm sd888 5g Firmware
Qualcomm sd 8 Gen1 5g Firmware
Qualcomm wcn7850 Firmware
Qualcomm sw5100p Firmware
Qualcomm wcd9380 Firmware
Qualcomm wcd9385 Firmware
Qualcomm wsa8830
Qualcomm wcn3980
Qualcomm sw5100p
Qualcomm sw5100 Firmware
Qualcomm wcn6855
Qualcomm sw5100
Qualcomm wcn3988 Firmware
Qualcomm wcn6856
Qualcomm wsa8835 Firmware
Qualcomm wcn3988
Qualcomm wcd9385
Qualcomm wcn6855 Firmware
Qualcomm sd 8 Gen1 5g
Qualcomm wcn6850 Firmware
Qualcomm wcn3980 Firmware
Qualcomm wcn7851 Firmware
Qualcomm sd888 5g
Qualcomm wcd9380
Qualcomm wcn6856 Firmware
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
References (MISC) https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin - (MISC) https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin - Patch, Vendor Advisory
CWE CWE-120

10 Mar 2023, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-03-10 21:15

Updated : 2024-04-12 17:16

NVD link : CVE-2022-40540

Mitre link : CVE-2022-40540

CVE.ORG link : CVE-2022-40540

JSON object : View

Products Affected

qualcomm

  • wcd9380_firmware
  • wcn6855_firmware
  • sw5100p
  • wsa8830_firmware
  • wcn6851
  • wcd9385
  • sm8475
  • sd888_5g
  • wcn3980
  • wcd9385_firmware
  • wcn3988
  • wcn7851
  • wcd9380
  • wsa8835_firmware
  • wcn3988_firmware
  • wcn7850
  • wcn6851_firmware
  • sw5100
  • wcn3980_firmware
  • sd_8_gen1_5g_firmware
  • wcn6850
  • wcn7850_firmware
  • sd888_5g_firmware
  • wcn6855
  • wcn6850_firmware
  • wcn6856
  • wcn7851_firmware
  • wsa8835
  • sw5100_firmware
  • sw5100p_firmware
  • wsa8830
  • wcn6856_firmware
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')