CVE-2022-25728

Summary

Information disclosure in modem due to buffer over-read while processing response from DNS server

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8031affected
Qualcomm, Inc.SnapdragonCSRA6620affected
Qualcomm, Inc.SnapdragonCSRA6640affected
Qualcomm, Inc.SnapdragonMDM8207affected
Qualcomm, Inc.SnapdragonMDM9205affected
Qualcomm, Inc.SnapdragonMDM9206affected
Qualcomm, Inc.SnapdragonMDM9207affected
Qualcomm, Inc.SnapdragonMDM9607affected
Qualcomm, Inc.SnapdragonQCA4004affected
Qualcomm, Inc.SnapdragonQCA4020affected
Qualcomm, Inc.SnapdragonQCA4024affected
Qualcomm, Inc.SnapdragonQCS405affected
Qualcomm, Inc.SnapdragonQTS110affected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonWCD9306affected
Qualcomm, Inc.SnapdragonWCD9330affected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3998affected
Qualcomm, Inc.SnapdragonWCN3999affected
Qualcomm, Inc.SnapdragonWCN6855affected
Qualcomm, Inc.SnapdragonWCN6856affected
Qualcomm, Inc.SnapdragonWCN7850affected
Qualcomm, Inc.SnapdragonWCN7851affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References