CVE-2022-22089

EPSS 0.08%
Published 16.09.2022 06:15:09
Last modified 21.11.2024 06:46:09
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Ar8035 Firmware Version-

Qualcomm ≫ Ar8035 Version-

Qualcomm ≫ Qca8081 Firmware Version-

Qualcomm ≫ Qca8081 Version-

Qualcomm ≫ Qca8337 Firmware Version-

Qualcomm ≫ Qca8337 Version-

Qualcomm ≫ Sd 8 Gen1 5g Firmware Version-

Qualcomm ≫ Sm8475 Version-

Qualcomm ≫ Sdx65 Firmware Version-

Qualcomm ≫ Sdx65 Version-

Qualcomm ≫ Sm7450 Firmware Version-

Qualcomm ≫ Sm7450 Version-

Qualcomm ≫ Sm8475 Firmware Version-

Qualcomm ≫ Sm8475 Version-

Qualcomm ≫ Sm8475p Firmware Version-

Qualcomm ≫ Sm8475p Version-

Qualcomm ≫ Sw5100 Firmware Version-

Qualcomm ≫ Sw5100 Version-

Qualcomm ≫ Sw5100p Firmware Version-

Qualcomm ≫ Sw5100p Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9375 Firmware Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Firmware Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn6750 Firmware Version-

Qualcomm ≫ Wcn6750 Version-

Qualcomm ≫ Wcn6855 Firmware Version-

Qualcomm ≫ Wcn6855 Version-

Qualcomm ≫ Wcn6856 Firmware Version-

Qualcomm ≫ Wcn6856 Version-

Qualcomm ≫ Wcn7851 Firmware Version-

Qualcomm ≫ Wcn7851 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8832 Firmware Version-

Qualcomm ≫ Wsa8832 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.252

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-22089

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-22089

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-22089

EUVD