6.8
CVE-2022-33297
- EPSS 0.03%
- Veröffentlicht 13.04.2023 07:15:18
- Zuletzt bearbeitet 21.11.2024 07:08:06
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Information disclosure due to buffer overread in Linux sensors
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Qca6310 Firmware Version-
Qualcomm ≫ Qca6320 Firmware Version-
Qualcomm ≫ Sd835 Firmware Version-
Qualcomm ≫ Snapdragon 835 Mobile Platform Firmware Version-
Qualcomm ≫ Wcd9335 Firmware Version-
Qualcomm ≫ Wcd9340 Firmware Version-
Qualcomm ≫ Wcd9341 Firmware Version-
Qualcomm ≫ Wcn3990 Firmware Version-
Qualcomm ≫ Wsa8810 Firmware Version-
Qualcomm ≫ Wsa8815 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.059 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| product-security@qualcomm.com | 6.8 | 2.5 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-126 Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.