CVE-2022-33225

Summary

Memory corruption due to use after free in trusted application environment.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAPQ8096AUaffected
Qualcomm, Inc.SnapdragonMDM9628affected
Qualcomm, Inc.SnapdragonMSM8996AUaffected
Qualcomm, Inc.SnapdragonQCA6390affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6426affected
Qualcomm, Inc.SnapdragonQCA6436affected
Qualcomm, Inc.SnapdragonQCA6564Aaffected
Qualcomm, Inc.SnapdragonQCA6564AUaffected
Qualcomm, Inc.SnapdragonQCA6574Aaffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQualcomm215affected
Qualcomm, Inc.SnapdragonSD205affected
Qualcomm, Inc.SnapdragonSD210affected
Qualcomm, Inc.SnapdragonSD429affected
Qualcomm, Inc.SnapdragonSD865 5Gaffected
Qualcomm, Inc.SnapdragonSD870affected
Qualcomm, Inc.SnapdragonSDM429Waffected
Qualcomm, Inc.SnapdragonSDX55Maffected
Qualcomm, Inc.SnapdragonSDXR2 5Gaffected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCN3610affected
Qualcomm, Inc.SnapdragonWCN3620affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN6850affected
Qualcomm, Inc.SnapdragonWCN6851affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References