CVE-2022-33303

Summary

Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource Manager message queue.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888+ 5G Mobile Platform (SM8350-AC)affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References