ID

VAR-202303-0725


CVE

CVE-2022-33245


TITLE

Use of freed memory vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2022-020816

DESCRIPTION

Memory corruption in WLAN due to use after free. APQ8064AU firmware, APQ8096AU firmware, AQT1000 Multiple Qualcomm products, such as firmware, contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-33245 // JVNDB: JVNDB-2022-020816 // VULMON: CVE-2022-33245

AFFECTED PRODUCTS

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa515mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa415mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn7606scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8064auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6175ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9074scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs405scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8031scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn7605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:csra6620scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6574scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9650scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6430scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6420scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8031scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6320scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6564scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8064auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6574auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6175ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6574ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6564auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6564ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6310scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-020816 // NVD: CVE-2022-33245

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-33245
value: HIGH

Trust: 1.0

product-security@qualcomm.com: CVE-2022-33245
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-33245
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202303-824
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-33245
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

product-security@qualcomm.com: CVE-2022-33245
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-33245
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-020816 // CNNVD: CNNVD-202303-824 // NVD: CVE-2022-33245 // NVD: CVE-2022-33245

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

problemtype:Use of freed memory (CWE-416) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-020816 // NVD: CVE-2022-33245

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202303-824

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202303-824

PATCH

title:Qualcomm chip Remediation of resource management error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=229325

Trust: 0.6

sources: CNNVD: CNNVD-202303-824

EXTERNAL IDS

db:NVDid:CVE-2022-33245

Trust: 3.3

db:JVNDBid:JVNDB-2022-020816

Trust: 0.8

db:CNNVDid:CNNVD-202303-824

Trust: 0.6

db:VULMONid:CVE-2022-33245

Trust: 0.1

sources: VULMON: CVE-2022-33245 // JVNDB: JVNDB-2022-020816 // CNNVD: CNNVD-202303-824 // NVD: CVE-2022-33245

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-33245

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-33245/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2022-33245 // JVNDB: JVNDB-2022-020816 // CNNVD: CNNVD-202303-824 // NVD: CVE-2022-33245

SOURCES

db:VULMONid:CVE-2022-33245
db:JVNDBid:JVNDB-2022-020816
db:CNNVDid:CNNVD-202303-824
db:NVDid:CVE-2022-33245

LAST UPDATE DATE

2024-08-14T14:36:57.982000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-33245date:2023-03-11T00:00:00
db:JVNDBid:JVNDB-2022-020816date:2023-11-07T02:03:00
db:CNNVDid:CNNVD-202303-824date:2023-03-16T00:00:00
db:NVDid:CVE-2022-33245date:2024-04-12T17:16:09.680

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-33245date:2023-03-10T00:00:00
db:JVNDBid:JVNDB-2022-020816date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202303-824date:2023-03-10T00:00:00
db:NVDid:CVE-2022-33245date:2023-03-10T21:15:11.690