CVE-2022-33229

Summary

Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8031affected
Qualcomm, Inc.SnapdragonCSRA6620affected
Qualcomm, Inc.SnapdragonCSRA6640affected
Qualcomm, Inc.SnapdragonMDM8207affected
Qualcomm, Inc.SnapdragonMDM9205affected
Qualcomm, Inc.SnapdragonMDM9206affected
Qualcomm, Inc.SnapdragonMDM9207affected
Qualcomm, Inc.SnapdragonMDM9607affected
Qualcomm, Inc.SnapdragonQCA4004affected
Qualcomm, Inc.SnapdragonQCA4010affected
Qualcomm, Inc.SnapdragonQCA4020affected
Qualcomm, Inc.SnapdragonQCA4024affected
Qualcomm, Inc.SnapdragonQCS405affected
Qualcomm, Inc.SnapdragonQTS110affected
Qualcomm, Inc.SnapdragonWCD9306affected
Qualcomm, Inc.SnapdragonWCD9330affected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3999affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References