Memory Corruption Vulnerability in Snapdragon Products by Qualcomm
CVE-2022-33214
Key Information:
- Vendor
- Qualcomm
- Vendor
- CVE Published:
- 19 October 2022
Summary
This vulnerability entails a memory corruption issue that arises from a time-of-check time-of-use (TOCTOU) flaw in the handling of metadata reserved size. The affected Snapdragon products, including automotive, industrial, consumer IoT, mobile, and wearables categories, may be susceptible to exploitation, potentially impacting the integrity of the device's operation and security. It is crucial for users and organizations utilizing these products to be aware of this vulnerability and consider implementing necessary security measures as advised by Qualcomm.
Affected Version(s)
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables AQT1000, QAM8295P, QCA6390, QCA6391, QCA6420, QCA6430, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCC5100, QCM2290, QCM4290, QCM6125, QCM6490, QCN7606, QCS2290, QCS410, QCS4290, QCS610, QCS6125, QCS6490, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 675, SD 8 Gen1 5G, SD439, SD460, SD480, SD660, SD662, SD675, SD678, SD680, SD690 5G, SD695, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDX50M, SDX55, SDX55M, SM4125, SM4375, SM6250, SM7250P, SM7315, SM7325P, SW5100, SW5100P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved