CVE-2022-33226

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin	Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sm8450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8450:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sm8150-ac_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8150-ac:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sm8350_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8350:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sm8350-ac_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8350-ac:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_wear_4100\+_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_wear_4100\+_platform:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:07

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 6.7
References	~~() https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory~~	() https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory

14 Jun 2023, 02:29

Type	Values Removed	Values Added
CPE		cpe:2.3:h:qualcomm:wcn3998:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8150-ac_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8150_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3680b:-:::::::* cpe:2.3:h:qualcomm:qca6430:-:::::::* cpe:2.3:o:qualcomm:sa8255p_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn785x-5:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:sd855:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3610:-:::::::* cpe:2.3:h:qualcomm:qca6797aq:-:::::::* cpe:2.3:h:qualcomm:qam8255p:-:::::::* cpe:2.3:o:qualcomm:wcn3610_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:h:qualcomm:aqt1000:-:::::::* cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn785x-1:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:h:qualcomm:wcn685x-1:-:::::::* cpe:2.3:h:qualcomm:sm8150:-:::::::* cpe:2.3:o:qualcomm:sm8350_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn685x-5:-:::::::* cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:::::::* cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_wear_4100\+_platform:-:::::::* cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:o:qualcomm:qca6797aq_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3991_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8255p_firmware:-:::::::* cpe:2.3:h:qualcomm:sm8350:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:sd855_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8450_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:sm8350-ac_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:h:qualcomm:sm8350-ac:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8255p:-:::::::* cpe:2.3:h:qualcomm:sm8150-ac:-:::::::* cpe:2.3:h:qualcomm:qca6420:-:::::::* cpe:2.3:o:qualcomm:qca6430_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:qca6420_firmware:-:::::::* cpe:2.3:h:qualcomm:sm8450:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:o:qualcomm:snapdragon_wear_4100\+_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3680b_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wcn3991:-:::::::* cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
References	~~(MISC) https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin -~~	(MISC) https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-120

06 Jun 2023, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-06 08:15

Updated : 2024-11-21 07:07

NVD link : CVE-2022-33226

Mitre link : CVE-2022-33226

CVE.ORG link : CVE-2022-33226

JSON object : View

Products Affected

qualcomm

wcn785x-5
wcn685x-1
wcn3680b
qca6420
sm8350_firmware
wsa8810
sm8150
wcn785x-1
wcn3991
wcn3610_firmware
sa8255p
wsa8815_firmware
sm8150_firmware
wcn3680b_firmware
aqt1000
wcn3980_firmware
sm8350-ac
wcn3980
wsa8830
wcd9380
qca6595au
sm8150-ac
wsa8830_firmware
sd855_firmware
sm8450_firmware
wcd9385
wsa8815
wcn685x-1_firmware
wsa8835
qca6595au_firmware
qca6698aq
wcd9385_firmware
wcn685x-5
wcn785x-1_firmware
qca6574au
snapdragon_wear_4100\+_platform_firmware
wsa8810_firmware
wcd9341_firmware
wcn3660b_firmware
qca6797aq_firmware
qca6698aq_firmware
sm8450
qam8255p
wcn3991_firmware
wcn3660b
qca6797aq
wcn3998
qca6430
wcd9341
qca6430_firmware
wcn3610
sd855
qca6574au_firmware
wcn785x-5_firmware
qca6420_firmware
snapdragon_wear_4100\+_platform
wcd9380_firmware
aqt1000_firmware
wsa8835_firmware
wcn685x-5_firmware
qam8255p_firmware
sa8255p_firmware
sm8150-ac_firmware
wcn3998_firmware
sm8350
sm8350-ac_firmware

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

6.7 /10