CVE-2022-22061

Summary

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Compute, Snapdragon Connectivity, Snapdragon MobileAR8035, QCA6390, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA8081, QCA8337, SD 8 Gen1 5G, SD865 5G, SD870, SD888 5G, SDX55M, SDX65, SDXR2 5G, SM7450, SM8475, SM8475P, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6855, WCN6856, WCN7851, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835affected

Weaknesses

  • String Errors in HLOS

ADP Enrichment

CVE Program Container

Additional References

References