ID

VAR-202210-0355


CVE

CVE-2022-25664


TITLE

Incomplete cleanup vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2022-019498

DESCRIPTION

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. APQ8009 firmware, APQ8052 firmware, APQ8053 Multiple Qualcomm products, including firmware, contain vulnerabilities related to incomplete cleanup.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2022-25664 // JVNDB: JVNDB-2022-019498

AFFECTED PRODUCTS

vendor:qualcommmodel:qca6564scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd845scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8108scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8952scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcc5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8208scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8053scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976sgscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8608scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8056scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6431scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8295pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qam8295pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6421scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8953scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8052scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8956scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd820scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8209scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8076scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsm8250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd821scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:apq8052scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8976scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8053scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8208scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8952scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9650scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8108scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8608scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8953scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8209scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8056scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8295pscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9150scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8976sgscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8076scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8956scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-019498 // NVD: CVE-2022-25664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-25664
value: MEDIUM

Trust: 1.0

product-security@qualcomm.com: CVE-2022-25664
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-25664
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202210-023
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-25664
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

product-security@qualcomm.com: CVE-2022-25664
baseSeverity: MEDIUM
baseScore: 6.2
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.5
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-25664
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019498 // CNNVD: CNNVD-202210-023 // NVD: CVE-2022-25664 // NVD: CVE-2022-25664

PROBLEMTYPE DATA

problemtype:CWE-459

Trust: 1.0

problemtype:incomplete cleanup (CWE-459) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-019498 // NVD: CVE-2022-25664

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-023

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202210-023

EXTERNAL IDS

db:NVDid:CVE-2022-25664

Trust: 3.2

db:PACKETSTORMid:172853

Trust: 2.4

db:JVNDBid:JVNDB-2022-019498

Trust: 0.8

db:CNNVDid:CNNVD-202210-023

Trust: 0.6

sources: JVNDB: JVNDB-2022-019498 // CNNVD: CNNVD-202210-023 // NVD: CVE-2022-25664

REFERENCES

url:http://packetstormsecurity.com/files/172853/qualcomm-adreno-gpu-information-leak.html

Trust: 2.4

url:https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-25664

Trust: 0.8

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-october-2022-39447

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-25664/

Trust: 0.6

sources: JVNDB: JVNDB-2022-019498 // CNNVD: CNNVD-202210-023 // NVD: CVE-2022-25664

SOURCES

db:JVNDBid:JVNDB-2022-019498
db:CNNVDid:CNNVD-202210-023
db:NVDid:CVE-2022-25664

LAST UPDATE DATE

2024-08-14T14:37:16.963000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2022-019498date:2023-10-25T08:15:00
db:CNNVDid:CNNVD-202210-023date:2023-06-13T00:00:00
db:NVDid:CVE-2022-25664date:2023-08-08T14:22:24.967

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2022-019498date:2023-10-25T00:00:00
db:CNNVDid:CNNVD-202210-023date:2022-10-03T00:00:00
db:NVDid:CVE-2022-25664date:2022-10-19T11:15:10.387