Buffer Overflow Vulnerability in Snapdragon Products by Qualcomm
CVE-2022-25687

7.3HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Iot, Snapdragon Industrial Iot, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Vendor: CVE Published:; 19 October 2022

Summary

A vulnerability has been identified in Qualcomm's Snapdragon products, where a buffer overflow error during the parsing of ASF clips can lead to memory corruption. This issue affects a wide range of Snapdragon platforms, potentially exposing devices to unexpected behavior or crashes. Users and administrators are encouraged to apply patches and stay updated to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables APQ8009

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables APQ8009W

Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables APQ8017

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2022
Vulnerability Reserved
Feb 22, 2022