Buffer Overflow in Snapdragon Products by Qualcomm
CVE-2022-25663

5.5MEDIUM

Key Information:

Vendor: Qualcomm
Status: Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
Vendor: CVE Published:; 19 October 2022

Summary

A potential buffer overflow vulnerability exists in Qualcomm Snapdragon products due to insufficient buffer length checks during management frame reception. This flaw can lead to a denial of service, impacting the functionality of affected devices such as Snapdragon Compute and Connectivity solutions. Users and administrators are advised to apply any available patches to mitigate risks associated with this vulnerability.

Affected Version(s)

Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity AQT1000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA6390, QCA6391, QCA6420, QCA6430, SD 8cx Gen2, SD 8cx Gen3, SD778G, SD7c, SD850, SM6250, WCD9340, WCD9341, WCD9380, WCD9385, WCN3990, WCN3991, WCN3998, WCN6750, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2022
Vulnerability Reserved
Feb 22, 2022