CVE-2022-25739

Summary

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon9205 LTE Modemaffected
Qualcomm, Inc.Snapdragon9206 LTE Modemaffected
Qualcomm, Inc.Snapdragon9207 LTE Modemaffected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonMDM8207affected
Qualcomm, Inc.SnapdragonQCA4004affected
Qualcomm, Inc.SnapdragonQTS110affected
Qualcomm, Inc.SnapdragonSnapdragon 1100 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 1200 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon AR2 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Wear 1300 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X5 LTE Modemaffected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonWCD9306affected
Qualcomm, Inc.SnapdragonWCD9330affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-476: CWE-476 NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References