cve-2022-25750
Vulnerability from cvelistv5
Published
2022-10-17 00:00
Modified
2024-08-03 04:49
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile
References
product-security@qualcomm.comhttps://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletinPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletinPatch, Vendor Advisory
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Mobile Version: Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T04:49:43.167Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Snapdragon Mobile",
               vendor: "Qualcomm, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Double Free in BTHOST",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-19T00:00:00",
            orgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            shortName: "qualcomm",
         },
         references: [
            {
               url: "https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
      assignerShortName: "qualcomm",
      cveId: "CVE-2022-25750",
      datePublished: "2022-10-17T00:00:00",
      dateReserved: "2022-02-22T00:00:00",
      dateUpdated: "2024-08-03T04:49:43.167Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2022-25750\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2022-10-19T11:15:10.953\",\"lastModified\":\"2024-11-21T06:52:55.503\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile\"},{\"lang\":\"es\",\"value\":\"Una corrupción de memoria en BTHOST debido a una doble liberación mientras es reproducida música y son realizadas llamadas a través de auriculares bluetooth en Snapdragon Mobile\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:kailua_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD29AC3F-4676-4ADB-A15D-A30D698111BA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:kailua:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3907F3D9-FCED-41AE-A47F-E4C3D1F845DC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sg8275_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4ECE56-FD6C-4A0F-A024-8AF7A7450096\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sg8275:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E26A0E2-ABC4-4B97-9DFB-FB27F95E0F07\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8509F3A3-A1CA-466B-9031-4146C36B9AF8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sg8275p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1813AB7-44F5-476B-9533-536F5B2F26BB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F6DE83F-F601-4560-96B0-85BC4C153A0A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C39AB5E-6BEC-4A5B-ADE1-1AFCECEF9297\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70292B01-617F-44AD-AF77-1AFC1450523D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA94C6D6-85DB-4031-AAF4-C399019AE16D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92B17201-8185-47F1-9720-5AB4ECD11B22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1FA2EB9-416F-4D69-8786-386CC73978AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"896F1C04-9957-440F-BF01-C3772CC3B3DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90555EB-47A7-4717-92D5-35B561825F06\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"699056F6-1517-4F25-AE07-4FFCF6923B9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4C023D2-6FF5-4FFC-B9F2-895979166580\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180EB150-C114-429D-941F-9B99CDA4F810\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93BA62AF-3555-463A-8B51-76F07BF0B87E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54C616C5-6480-4FE0-9A1C-08026CCB08D8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16EB11D8-27A3-4D04-B863-7FD4549D0BCD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FFC44DC-DA90-45F5-ACC1-5262D3E3A796\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE9D9A56-2157-43F0-BB18-2B7249D7E021\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA33DE15-C177-43B3-AD50-FF797753D12E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1A5841-5BCB-4033-ACB9-23F3FCA65309\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B47BF35-3AA0-4667-842E-19B0FE30BF3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A071672-9405-4418-9141-35CEADBB65AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7CF473-8B25-4851-91F2-1BD693CCDC85\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E591F2-8F72-4A5A-9264-2742EB2DABDA\"}]}]}],\"references\":[{\"url\":\"https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.