Lucene search

[email protected]NVD:CVE-2022-25723

HistoryOct 19, 2022 - 11:15 a.m.

CVE-2022-25723

2022-10-1911:15:10

CWE-416

[email protected]

web.nvd.nist.gov

memory corruption

multimedia

callback registration

snapdragon mobile

use after free

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile

Affected configurations

Nvd

Node

qualcommsd_8_gen1_5g_firmwareMatch-

AND

qualcommsm8475Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwcn7850_firmwareMatch-

AND

qualcommwcn7850Match-

Node

qualcommwcn7851_firmwareMatch-

AND

qualcommwcn7851Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

VendorProductVersionCPE
qualcommsd_8_gen1_5g_firmware-cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
qualcommsm8475-cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*
qualcommwcd9380_firmware-cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
qualcommwcd9380-cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
qualcommwcn6855_firmware-cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
qualcommwcn6855-cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*
qualcommwcn6856_firmware-cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
qualcommwcn6856-cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*
qualcommwcn7850_firmware-cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
qualcommwcn7850-cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	sd_8_gen1_5g_firmware	-	cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::*
qualcomm	sm8475	-	cpe:2.3:h:qualcomm:sm8475:-:::::::*
qualcomm	wcd9380_firmware	-	cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9380	-	cpe:2.3:h:qualcomm:wcd9380:-:::::::*
qualcomm	wcn6855_firmware	-	cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::*
qualcomm	wcn6855	-	cpe:2.3:h:qualcomm:wcn6855:-:::::::*
qualcomm	wcn6856_firmware	-	cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::*
qualcomm	wcn6856	-	cpe:2.3:h:qualcomm:wcn6856:-:::::::*
qualcomm	wcn7850_firmware	-	cpe:2.3:o:qualcomm:wcn7850_firmware:-:::::::*
qualcomm	wcn7850	-	cpe:2.3:h:qualcomm:wcn7850:-:::::::*

Rows per page:

1-10 of 161

References

www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2022-25723

cve1 prion1 cvelist1