CVE-2022-25742

Summary

Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicAR8031affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicCSRA6620affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicCSRA6640affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicMDM8207affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicMDM9205affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicMDM9206affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicMDM9207affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicMDM9607affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4004affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4010affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4020affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCA4024affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicQCS405affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCD9306affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCD9330affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCD9335affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCN3980affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCN3998affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWCN3999affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWSA8810affected
Qualcomm, Inc.Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & MusicWSA8815affected

Weaknesses

  • Loop with Unreachable Exit Condition in MODEM

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References