Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00025.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Qualcomm, Inc. Snapdragon unaffected
Version Status Constraints
FastConnect 6900 affected
FastConnect 7800 affected
Snapdragon 8 Gen 1 Mobile Platform affected
WCD9380 affected
WSA8830 affected
WSA8835 affected

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:sm8450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8450:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Qualcomm Subscribe
Sm8450 Subscribe
Sm8450 Firmware Subscribe
Wcd9380 Subscribe
Wcd9380 Firmware Subscribe
Wcn685x-1 Subscribe
Wcn685x-1 Firmware Subscribe
Wcn685x-5 Subscribe
Wcn685x-5 Firmware Subscribe
Wcn785x-1 Subscribe
Wcn785x-1 Firmware Subscribe
Wcn785x-5 Subscribe
Wcn785x-5 Firmware Subscribe
Wsa8830 Subscribe
Wsa8830 Firmware Subscribe
Wsa8835 Subscribe
Wsa8835 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-36324 Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2024-08-03T08:01:20.538Z

Reserved: 2022-06-14T10:44:39.602Z

Link: CVE-2022-33281

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-05-02T06:15:09.507

Modified: 2024-11-21T07:08:01.883

Link: CVE-2022-33281

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses