CVE-2022-33219

CVSS V2 None CVSS V3 None

Description

Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.

Overview

CVE ID
CVE-2022-33219

Assigner
product-security@qualcomm.com

Vulnerability Status
Analyzed

Published Version
2023-01-09T08:15:11

Last Modified Date
2023-01-13T02:01:52

Weakness Enumerations

CWE	URL
CWE-190	http://cwe.mitre.org/data/definitions/190.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:o:qualcomm:apq8064au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:apq8064au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:apq8096au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:apq8096au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:msm8996au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:msm8996au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qam8295p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6564a_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6564a:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6564au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6564au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6574a_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6574a:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6574au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6584au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6584au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6595:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6595au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6696:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa6145p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa6145p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa6150p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa6150p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa6155_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa6155:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa6155p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8145p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8145p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8150p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8150p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8155_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8155:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8155p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8155p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8195p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8195p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8295p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8295p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa8540p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa8540p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sa9000p:-:::::::*	0	OR

References

Reference URL	Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-33219
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33219

History

Created	Old Value	New Value	Data Type	Notes
2023-01-09 08:20:26				Added to TrackCVE
2023-01-09 13:18:11		2023-01-09T12:40:16	CVE Modified Date	updated
2023-01-09 13:18:11	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-12 05:16:33	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-01-13 02:14:08		2023-01-13T02:01:52	CVE Modified Date	updated
2023-01-13 02:14:08	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-01-13 02:14:09			Weakness Enumeration	new
2023-01-13 02:14:11			CPE Information	updated