CVE-2022-33259 - OpenCVE

Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Qualcomm	Wcd9306 Mdm9206 Firmware Mdm9206 Mdm9205 Firmware Snapdragon Wear 1100 Firmware Mdm8207 Firmware Qts110 Snapdragon Wear 1200 Firmware Mdm8207 Wcd9330 Mdm9205 Snapdragon Wear 1300 Firmware Qts110 Firmware Snapdragon Wear 1200 Qca4004 Firmware Snapdragon X5 Lte Modem Wcd9306 Firmware Wcd9330 Firmware Snapdragon Wear 1300 Qca4004 Mdm9207 Firmware Snapdragon X5 Lte Modem Firmware Mdm9207 Snapdragon Wear 1100

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_wear_1100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_wear_1100:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_wear_1200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_wear_1200:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2023-04-04T04:46:32.158Z

Updated: 2024-04-12T16:29:00.342Z

Reserved: 2022-06-14T10:44:39.591Z

Link: CVE-2022-33259

JSON object: View

NVD Information

Status : Modified

Published: 2023-04-13T07:15:15.760

Modified: 2024-04-12T17:16:13.997

Link: CVE-2022-33259

JSON object: View

Redhat Information

No data.

CWE

CWE-120