CVE-2022-33226

Summary

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQAM8255Paffected
Qualcomm, Inc.SnapdragonQCA6420affected
Qualcomm, Inc.SnapdragonQCA6430affected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA6797AQaffected
Qualcomm, Inc.SnapdragonSA8255Paffected
Qualcomm, Inc.SnapdragonSD855affected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 855 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 855+/860 Mobile Platform (SM8150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 888 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888+ 5G Mobile Platform (SM8350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon Wear 4100+ Platformaffected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3610affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN3680Baffected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

References