CVE-2022-22071

Warning

EPSS 0.5%
Published 14.06.2022 10:15:19
Last modified 02.04.2025 20:24:19
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Affected products Warnungen 1 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Apq8053 Firmware Version-

Qualcomm ≫ Apq8053 Version-

Qualcomm ≫ Ar8031 Firmware Version-

Qualcomm ≫ Ar8031 Version-

Qualcomm ≫ Ar8035 Firmware Version-

Qualcomm ≫ Ar8035 Version-

Qualcomm ≫ Csra6620 Firmware Version-

Qualcomm ≫ Csra6620 Version-

Qualcomm ≫ Csra6640 Firmware Version-

Qualcomm ≫ Csra6640 Version-

Qualcomm ≫ Mdm9150 Firmware Version-

Qualcomm ≫ Mdm9150 Version-

Qualcomm ≫ Msm8953 Firmware Version-

Qualcomm ≫ Msm8953 Version-

Qualcomm ≫ Qca6174a Firmware Version-

Qualcomm ≫ Qca6174a Version-

Qualcomm ≫ Qca6390 Firmware Version-

Qualcomm ≫ Qca6390 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6426 Firmware Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6436 Firmware Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qca6574 Firmware Version-

Qualcomm ≫ Qca6574 Version-

Qualcomm ≫ Qca6574a Firmware Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595au Firmware Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qca8081 Firmware Version-

Qualcomm ≫ Qca8081 Version-

Qualcomm ≫ Qca8337 Firmware Version-

Qualcomm ≫ Qca8337 Version-

Qualcomm ≫ Qca9377 Firmware Version-

Qualcomm ≫ Qca9377 Version-

Qualcomm ≫ Qcm2290 Firmware Version-

Qualcomm ≫ Qcm2290 Version-

Qualcomm ≫ Qcm4290 Firmware Version-

Qualcomm ≫ Qcm4290 Version-

Qualcomm ≫ Qcm6490 Firmware Version-

Qualcomm ≫ Qcm6490 Version-

Qualcomm ≫ Qcs2290 Firmware Version-

Qualcomm ≫ Qcs2290 Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qcs410 Firmware Version-

Qualcomm ≫ Qcs410 Version-

Qualcomm ≫ Qcs4290 Firmware Version-

Qualcomm ≫ Qcs4290 Version-

Qualcomm ≫ Qcs610 Firmware Version-

Qualcomm ≫ Qcs610 Version-

Qualcomm ≫ Qcs6490 Firmware Version-

Qualcomm ≫ Qcs6490 Version-

Qualcomm ≫ Qrb5165 Firmware Version-

Qualcomm ≫ Qrb5165 Version-

Qualcomm ≫ Qrb5165m Firmware Version-

Qualcomm ≫ Qrb5165m Version-

Qualcomm ≫ Qrb5165n Firmware Version-

Qualcomm ≫ Qrb5165n Version-

Qualcomm ≫ Qualcomm215 Firmware Version-

Qualcomm ≫ Qualcomm215 Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sd439 Firmware Version-

Qualcomm ≫ Sd439 Version-

Qualcomm ≫ Sd460 Firmware Version-

Qualcomm ≫ Sd460 Version-

Qualcomm ≫ Sd480 Firmware Version-

Qualcomm ≫ Sd480 Version-

Qualcomm ≫ Sd662 Firmware Version-

Qualcomm ≫ Sd662 Version-

Qualcomm ≫ Sd680 Firmware Version-

Qualcomm ≫ Sd680 Version-

Qualcomm ≫ Sd690 5g Firmware Version-

Qualcomm ≫ Sd690 5g Version-

Qualcomm ≫ Sd695 Firmware Version-

Qualcomm ≫ Sd695 Version-

Qualcomm ≫ Sd750g Firmware Version-

Qualcomm ≫ Sd750g Version-

Qualcomm ≫ Sd765 Firmware Version-

Qualcomm ≫ Sd765 Version-

Qualcomm ≫ Sd765g Firmware Version-

Qualcomm ≫ Sd765g Version-

Qualcomm ≫ Sd768g Firmware Version-

Qualcomm ≫ Sd768g Version-

Qualcomm ≫ Sd778g Firmware Version-

Qualcomm ≫ Sd778g Version-

Qualcomm ≫ Sd780g Firmware Version-

Qualcomm ≫ Sd780g Version-

Qualcomm ≫ Sd855 Firmware Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sd865 5g Firmware Version-

Qualcomm ≫ Sd865 5g Version-

Qualcomm ≫ Sd870 Firmware Version-

Qualcomm ≫ Sd870 Version-

Qualcomm ≫ Sd888 5g Firmware Version-

Qualcomm ≫ Sd888 5g Version-

Qualcomm ≫ Sdx12 Firmware Version-

Qualcomm ≫ Sdx12 Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sdx65 Firmware Version-

Qualcomm ≫ Sdx65 Version-

Qualcomm ≫ Sdxr2 5g Firmware Version-

Qualcomm ≫ Sdxr2 5g Version-

Qualcomm ≫ Sm4125 Firmware Version-

Qualcomm ≫ Sm4125 Version-

Qualcomm ≫ Sm7250p Firmware Version-

Qualcomm ≫ Sm7250p Version-

Qualcomm ≫ Sm7325p Firmware Version-

Qualcomm ≫ Sm7325p Version-

Qualcomm ≫ Wcd9326 Firmware Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9335 Firmware Version-

Qualcomm ≫ Wcd9335 Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9375 Firmware Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3615 Firmware Version-

Qualcomm ≫ Wcn3615 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680b Firmware Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3910 Firmware Version-

Qualcomm ≫ Wcn3910 Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Firmware Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3991 Firmware Version-

Qualcomm ≫ Wcn3991 Version-

Qualcomm ≫ Wcn3998 Firmware Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn3999 Firmware Version-

Qualcomm ≫ Wcn3999 Version-

Qualcomm ≫ Wcn6740 Firmware Version-

Qualcomm ≫ Wcn6740 Version-

Qualcomm ≫ Wcn6750 Firmware Version-

Qualcomm ≫ Wcn6750 Version-

Qualcomm ≫ Wcn6850 Firmware Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Firmware Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wcn6855 Firmware Version-

Qualcomm ≫ Wcn6855 Version-

Qualcomm ≫ Wcn6856 Firmware Version-

Qualcomm ≫ Wcn6856 Version-

Qualcomm ≫ Wcn7850 Firmware Version-

Qualcomm ≫ Wcn7850 Version-

Qualcomm ≫ Wcn7851 Firmware Version-

Qualcomm ≫ Wcn7851 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

05.12.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

Vulnerability

Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.

Description

Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.5%	0.651

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
product-security@qualcomm.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-22071

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-22071

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-22071

EUVD