CVE-2022-25740

Summary

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon9205 LTE Modemaffected
Qualcomm, Inc.Snapdragon9206 LTE Modemaffected
Qualcomm, Inc.Snapdragon9207 LTE Modemaffected
Qualcomm, Inc.SnapdragonMDM8207affected
Qualcomm, Inc.SnapdragonQCA4004affected
Qualcomm, Inc.SnapdragonQTS110affected
Qualcomm, Inc.SnapdragonSnapdragon 1100 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 1200 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Wear 1300 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X5 LTE Modemaffected
Qualcomm, Inc.SnapdragonWCD9306affected
Qualcomm, Inc.SnapdragonWCD9330affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References