ID
VAR-202304-0955
CVE
CVE-2022-33282
TITLE
Integer overflow vulnerability in multiple Qualcomm products
Trust: 0.8
sources:
JVNDB: JVNDB-2022-024062
DESCRIPTION
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. MSM8996AU firmware, QAM8295P firmware, QCA6574A Multiple Qualcomm products, including firmware, contain an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.62
sources:
NVD: CVE-2022-33282 //
JVNDB: JVNDB-2022-024062
AFFECTED PRODUCTS
| vendor: | qualcomm | model: | sa6155p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8540p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6595au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8195p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8155p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8145p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6574au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa6150p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8150p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa6155 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa6145p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa9000p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8155 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6584au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qam8295p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6595 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sa8295p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | msm8996au | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6696 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | qca6574a | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | クアルコム | model: | sa6145p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa9000p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8145p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6595 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6696 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6595au | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8295p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8195p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8155p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa6155p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | msm8996au | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8540p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8150p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qam8295p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6584au | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6574a | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa8155 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa6150p | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | sa6155 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | クアルコム | model: | qca6574au | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-024062 //
NVD: CVE-2022-33282
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-024062 //
CNNVD: CNNVD-202304-1050 //
NVD: CVE-2022-33282 //
NVD: CVE-2022-33282
PROBLEMTYPE DATA
| problemtype: | CWE-190 | Trust: 1.0 |
| problemtype: | CWE-680 | Trust: 1.0 |
| problemtype: | Integer overflow or wraparound (CWE-190) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-024062 //
NVD: CVE-2022-33282
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202304-1050
TYPE
input validation error
Trust: 0.6
sources:
CNNVD: CNNVD-202304-1050
PATCH
| title: | Qualcomm Chipsets Enter the fix for the verification error vulnerability | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=234776 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202304-1050
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-33282 | Trust: 3.2 |
| db: | JVNDB | id: | JVNDB-2022-024062 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202304-1050 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2022-024062 //
CNNVD: CNNVD-202304-1050 //
NVD: CVE-2022-33282
REFERENCES
| url: | https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin | Trust: 2.4 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-33282 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-33282/ | Trust: 0.6 |
sources:
JVNDB: JVNDB-2022-024062 //
CNNVD: CNNVD-202304-1050 //
NVD: CVE-2022-33282
SOURCES
| db: | JVNDB | id: | JVNDB-2022-024062 |
| db: | CNNVD | id: | CNNVD-202304-1050 |
| db: | NVD | id: | CVE-2022-33282 |
LAST UPDATE DATE
2024-10-16T23:19:46.862000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2022-024062 | date: | 2023-12-01T05:05:00 |
| db: | CNNVD | id: | CNNVD-202304-1050 | date: | 2023-04-25T00:00:00 |
| db: | NVD | id: | CVE-2022-33282 | date: | 2024-04-12T17:16:22.740 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2022-024062 | date: | 2023-12-01T00:00:00 |
| db: | CNNVD | id: | CNNVD-202304-1050 | date: | 2023-04-13T00:00:00 |
| db: | NVD | id: | CVE-2022-33282 | date: | 2023-04-13T07:15:16.637 |