CVE-2022-25663

5.5MEDIUM

Key Information:

Vendor: Qualcomm
Status: Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
Vendor: CVE Published:; 19 October 2022

Summary

Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Affected Version(s)

Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity AQT1000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA6390, QCA6391, QCA6420, QCA6430, SD 8cx Gen2, SD 8cx Gen3, SD778G, SD7c, SD850, SM6250, WCD9340, WCD9341, WCD9380, WCD9385, WCN3990, WCN3991, WCN3998, WCN6750, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2022
Vulnerability Reserved
Feb 22, 2022