CVE-2022-33225

EPSS 0.03%
Veröffentlicht 12.02.2023 04:15:13
Zuletzt bearbeitet 21.11.2024 07:07:46
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory corruption due to use after free in trusted application environment.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Apq8096au Firmware Version-

Qualcomm ≫ Apq8096au Version-

Qualcomm ≫ Mdm9628 Firmware Version-

Qualcomm ≫ Mdm9628 Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Qca6390 Firmware Version-

Qualcomm ≫ Qca6390 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6426 Firmware Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6436 Firmware Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qca6564a Firmware Version-

Qualcomm ≫ Qca6564a Version-

Qualcomm ≫ Qca6564au Firmware Version-

Qualcomm ≫ Qca6564au Version-

Qualcomm ≫ Qca6574a Firmware Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qualcomm215 Firmware Version-

Qualcomm ≫ Qualcomm215 Version-

Qualcomm ≫ Sd205 Firmware Version-

Qualcomm ≫ Sd205 Version-

Qualcomm ≫ Sd210 Firmware Version-

Qualcomm ≫ Sd210 Version-

Qualcomm ≫ Sd429 Firmware Version-

Qualcomm ≫ Sd429 Version-

Qualcomm ≫ Sd865 5g Firmware Version-

Qualcomm ≫ Sd865 5g Version-

Qualcomm ≫ Sd870 Firmware Version-

Qualcomm ≫ Sd870 Version-

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sdxr2 5g Firmware Version-

Qualcomm ≫ Sdxr2 5g Version-

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcn3610 Firmware Version-

Qualcomm ≫ Wcn3610 Version-

Qualcomm ≫ Wcn3620 Firmware Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn6850 Firmware Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Firmware Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.059

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-33225

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-33225

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-33225

EUVD