CVE-2022-25691

Summary

Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon MobileAR8035affected
Qualcomm, Inc.Snapdragon MobileQCA8081affected
Qualcomm, Inc.Snapdragon MobileQCA8337affected
Qualcomm, Inc.Snapdragon MobileQCN6024affected
Qualcomm, Inc.Snapdragon MobileQCN9024affected
Qualcomm, Inc.Snapdragon MobileSD 8 Gen1 5Gaffected
Qualcomm, Inc.Snapdragon MobileSD480affected
Qualcomm, Inc.Snapdragon MobileSD695affected
Qualcomm, Inc.Snapdragon MobileSDX65affected
Qualcomm, Inc.Snapdragon MobileSM4375affected
Qualcomm, Inc.Snapdragon MobileWCD9370affected
Qualcomm, Inc.Snapdragon MobileWCD9375affected
Qualcomm, Inc.Snapdragon MobileWCD9380affected
Qualcomm, Inc.Snapdragon MobileWCD9385affected
Qualcomm, Inc.Snapdragon MobileWCN3988affected
Qualcomm, Inc.Snapdragon MobileWCN3998affected
Qualcomm, Inc.Snapdragon MobileWCN6855affected
Qualcomm, Inc.Snapdragon MobileWCN6856affected
Qualcomm, Inc.Snapdragon MobileWCN7850affected
Qualcomm, Inc.Snapdragon MobileWCN7851affected
Qualcomm, Inc.Snapdragon MobileWSA8810affected
Qualcomm, Inc.Snapdragon MobileWSA8815affected
Qualcomm, Inc.Snapdragon MobileWSA8830affected
Qualcomm, Inc.Snapdragon MobileWSA8835affected

Weaknesses

  • Reachable Assertion in MODEM

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References