Denial of Service Vulnerability in Qualcomm Snapdragon Products
CVE-2022-25710

7.5HIGH

Key Information:

Vendor
Qualcomm
Status
Snapdragon Auto, Snapdragon Consumer Iot, Snapdragon Industrial Iot, Snapdragon Mobile, Snapdragon Voice & Music
Vendor
CVE Published:
15 November 2022

Summary

This vulnerability affects multiple Qualcomm Snapdragon products, causing a denial of service condition due to a null pointer dereference when the GATT (Generic Attribute Profile) connection is disconnected. This issue has implications for device stability and user experience, particularly in environments reliant on consistent connectivity like automotive and IoT applications.

Affected Version(s)

Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music APQ8009

Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music APQ8017

Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music APQ8096AU

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.