CVE-2022-22096

CVSS V2 None CVSS V3 Critical 9.8
Description
Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
Overview
  • CVE ID
  • CVE-2022-22096
  • Assigner
  • product-security@qualcomm.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-09-02T12:15:09
  • Last Modified Date
  • 2023-04-19T17:10:55
Weakness Enumerations
CWE URL
CWE-787 http://cwe.mitre.org/data/definitions/787.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd720g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:* 0 OR
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 9.8
  • Base Severity
  • CRITICAL
  • Exploitability Score
  • 3.9
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-22096
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22096
History
Created Old Value New Value Data Type Notes
2022-09-02 13:00:18 Added to TrackCVE
2023-04-19 18:05:23 2023-04-19T17:10:55 CVE Modified Date updated