Memory Corruption in Snapdragon Products by Qualcomm
CVE-2022-25712

7.8HIGH

Key Information:

Vendor

Qualcomm
Status
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Iot, Snapdragon Mobile, Snapdragon Wearables
Vendor
CVE Published:
13 December 2022

What is CVE-2022-25712?

A memory corruption vulnerability has been identified in various Qualcomm Snapdragon products, including Snapdragon Auto, Compute, Consumer IoT, Mobile, and Wearables. This issue arises from insufficient checking of input sizes during buffer copying operations, which could potentially lead to unauthorized access or modification of system memory. Exploitation of this vulnerability may compromise the integrity and availability of affected devices, necessitating immediate attention from users and device manufacturers.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables AQT1000

Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables MDM9150

Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables QCA6310

References

https://www.qualcomm.com/company/product-security/bulleti...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.