gsd-2022-33225
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Memory corruption due to use after free in trusted application environment.
Aliases
Aliases
{ GSD: { alias: "CVE-2022-33225", description: "Memory corruption due to use after free in trusted application environment.", id: "GSD-2022-33225", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2022-33225", ], details: "Memory corruption due to use after free in trusted application environment.", id: "GSD-2022-33225", modified: "2023-12-13T01:19:24.255028Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "product-security@qualcomm.com", ID: "CVE-2022-33225", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Snapdragon", version: { version_data: [ { version_affected: "=", version_value: "APQ8096AU", }, { version_affected: "=", version_value: "MDM9628", }, { version_affected: "=", version_value: "MSM8996AU", }, { version_affected: "=", version_value: "QCA6390", }, { version_affected: "=", version_value: "QCA6391", }, { version_affected: "=", version_value: "QCA6426", }, { version_affected: "=", version_value: "QCA6436", }, { version_affected: "=", version_value: "QCA6564A", }, { version_affected: "=", version_value: "QCA6564AU", }, { version_affected: "=", version_value: "QCA6574A", }, { version_affected: "=", version_value: "QCA6574AU", }, { version_affected: "=", version_value: "Qualcomm215", }, { version_affected: "=", version_value: "SD205", }, { version_affected: "=", version_value: "SD210", }, { version_affected: "=", version_value: "SD429", }, { version_affected: "=", version_value: "SD865 5G", }, { version_affected: "=", version_value: "SD870", }, { version_affected: "=", version_value: "SDM429W", }, { version_affected: "=", version_value: "SDX55M", }, { version_affected: "=", version_value: "SDXR2 5G", }, { version_affected: "=", version_value: "WCD9340", }, { version_affected: "=", version_value: "WCD9380", }, { version_affected: "=", version_value: "WCN3610", }, { version_affected: "=", version_value: "WCN3620", }, { version_affected: "=", version_value: "WCN3660B", }, { version_affected: "=", version_value: "WCN6850", }, { version_affected: "=", version_value: "WCN6851", }, { version_affected: "=", version_value: "WSA8810", }, { version_affected: "=", version_value: "WSA8815", }, ], }, }, ], }, vendor_name: "Qualcomm, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Memory corruption due to use after free in trusted application environment.", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-416", lang: "eng", value: "CWE-416 Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin", refsource: "MISC", url: "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin", }, ], }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DD17C0A3-A200-4659-968B-B2DA03CB683F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*", matchCriteriaId: "B1F31FFB-982A-4308-82F8-C2480DABDED8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ADC6FBEE-D2FA-4660-A078-D6CE2097653D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*", matchCriteriaId: "F6BD8A1C-D9AB-4BE7-A855-31E58631879C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8CA1E7B0-782B-4757-B118-802943798984", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", matchCriteriaId: "95CB08EC-AE12-4A54-AA3C-998F01FC8763", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "96FBD6DF-F174-4690-AA3D-1E8974E3627F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", matchCriteriaId: "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "83B53119-1B2F-4978-B7F5-33B84BE73B68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "04F574BC-9AB2-4B83-A466-556ECEBBD3DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", matchCriteriaId: "A34D021D-C043-4EFD-9AB3-B2174528CBA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "886124F6-B397-4EB6-8E01-6012E468ABE9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", matchCriteriaId: "93ED74CE-6BF2-4983-8780-07D5336745B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B59672A0-2FA6-46CC-B75A-C599B842AFB9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", matchCriteriaId: "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "828CFB37-76A6-4927-9D00-AF9A1C432DD6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", matchCriteriaId: "11405993-5903-4716-B452-370281034B42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", matchCriteriaId: "8374DDB3-D484-4141-AE0C-42333D2721F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "ED28C2CB-818D-47FF-B9CC-746243DC1E61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qualcomm215:-:*:*:*:*:*:*:*", matchCriteriaId: "4ADFD2AF-C62F-4684-A238-E9080A3FEE01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "47AB5135-6391-45C1-81DE-803E3834F196", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*", matchCriteriaId: "FCEF246C-6B39-4DC2-81B0-040DCAAD5177", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6D6965-B5B2-46D2-8718-43B7B22441C0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*", matchCriteriaId: "E75C7497-A7DC-436B-BACD-71F69D99517D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D32539EB-9822-4864-8ECA-E9F9FB86CD25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd429:-:*:*:*:*:*:*:*", matchCriteriaId: "3945686E-666C-4A47-A062-608AD8C6F112", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "72433485-B229-46A6-BCA4-394AA4EEA683", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", matchCriteriaId: "04D40EC4-BF31-4BFD-8D0A-8193F541AF02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "577B18AC-9892-4373-AC0F-9FD477D64388", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C7E52771-4FB7-45DB-A349-4DD911F53752", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*", matchCriteriaId: "72F6CE39-9299-4FC3-BC48-11F79034F2E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B726BE34-E18B-4A88-B8E6-778215FD419E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", matchCriteriaId: "585B794A-0674-418B-B45B-42EA97C40B9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", matchCriteriaId: "41EE5CAD-014A-4623-A177-154A8D93E01F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", matchCriteriaId: "94D2BDF1-764C-48BA-8944-3275E8768078", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "70292B01-617F-44AD-AF77-1AFC1450523D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", matchCriteriaId: "FA94C6D6-85DB-4031-AAF4-C399019AE16D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", matchCriteriaId: "044A14FB-64F6-4200-AC85-8DC91C31BD16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D99CA230-0694-4898-A06E-9C522CCB86CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*", matchCriteriaId: "62B00662-139A-4E36-98FA-D4F7D101D4AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FB37B5DB-2493-4082-B2BF-60385B7E027C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", matchCriteriaId: "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3293739B-53D5-48C1-BC3A-FAA74D6C7954", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", matchCriteriaId: "E650C510-037F-47DB-A486-EBF871C73278", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DD031A8D-A48A-4363-8C00-C1FF5458D0FB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", matchCriteriaId: "64F5D7CA-6F31-4842-AC66-EB975C19C83D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "15307882-7039-43E9-9BA3-035045988B99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", matchCriteriaId: "AA85B322-E593-4499-829A-CC6D70BAE884", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", matchCriteriaId: "7E870D82-DE3B-4199-A730-C8FB545BAA98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], descriptions: [ { lang: "en", value: "Memory corruption due to use after free in trusted application environment.", }, ], id: "CVE-2022-33225", lastModified: "2024-04-12T17:16:02.457", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "product-security@qualcomm.com", type: "Secondary", }, ], }, published: "2023-02-12T04:15:13.907", references: [ { source: "product-security@qualcomm.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin", }, ], sourceIdentifier: "product-security@qualcomm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "product-security@qualcomm.com", type: "Secondary", }, ], }, }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.