CVE-2022-33259

CVSS V2 None CVSS V3 None
Description
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
Overview
  • CVE ID
  • CVE-2022-33259
  • Assigner
  • product-security@qualcomm.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-13T07:15:15
  • Last Modified Date
  • 2023-04-21T03:49:17
Weakness Enumerations
CWE URL
CWE-120 http://cwe.mitre.org/data/definitions/120.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_wear_1100_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_wear_1100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_wear_1200_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_wear_1200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-33259
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33259
History
Created Old Value New Value Data Type Notes
2023-04-17 04:40:12 Added to TrackCVE
2023-04-18 15:00:40 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-04-21 04:01:00 2023-04-21T03:49:17 CVE Modified Date updated
2023-04-21 04:01:00 Undergoing Analysis Analyzed Vulnerability Status updated
2023-04-21 04:01:02 Weakness Enumeration new
2023-04-21 04:01:05 CPE Information updated