CVE-2022-33246

Summary

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAPQ8096AUaffected
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonMSM8996AUaffected
Qualcomm, Inc.SnapdragonQCA6390affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6420affected
Qualcomm, Inc.SnapdragonQCA6426affected
Qualcomm, Inc.SnapdragonQCA6430affected
Qualcomm, Inc.SnapdragonQCA6436affected
Qualcomm, Inc.SnapdragonQCA6564Aaffected
Qualcomm, Inc.SnapdragonQCA6564AUaffected
Qualcomm, Inc.SnapdragonQCA6574Aaffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCN9074affected
Qualcomm, Inc.SnapdragonQCS410affected
Qualcomm, Inc.SnapdragonQCS610affected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSD855affected
Qualcomm, Inc.SnapdragonSD865 5Gaffected
Qualcomm, Inc.SnapdragonSD870affected
Qualcomm, Inc.SnapdragonSDA429Waffected
Qualcomm, Inc.SnapdragonSDX55Maffected
Qualcomm, Inc.SnapdragonSDXR2 5Gaffected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCN3610affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3998affected
Qualcomm, Inc.SnapdragonWCN6850affected
Qualcomm, Inc.SnapdragonWCN6851affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected

Weaknesses

  • CWE-823: CWE-823 Use of Out-of-range Pointer Offset

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References