CVE-2022-40540

Summary

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonSD 8 Gen1 5Gaffected
Qualcomm, Inc.SnapdragonSD888 5Gaffected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN6850affected
Qualcomm, Inc.SnapdragonWCN6851affected
Qualcomm, Inc.SnapdragonWCN6855affected
Qualcomm, Inc.SnapdragonWCN6856affected
Qualcomm, Inc.SnapdragonWCN7850affected
Qualcomm, Inc.SnapdragonWCN7851affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

References