CVE-2022-33270

CVSS V2 None CVSS V3 None

Description

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.

Overview

CVE ID
CVE-2022-33270

Assigner
product-security@qualcomm.com

Vulnerability Status
Analyzed

Published Version
2023-04-13T07:15:16

Last Modified Date
2023-04-24T16:15:28

Weakness Enumerations

CWE	URL
CWE-367	http://cwe.mitre.org/data/definitions/367.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:o:qualcomm:ar8035_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:ar8035:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn3998:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn6750:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn685x-5:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn685x-1:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn785x-1:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn785x-5:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6391:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6595au:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6696:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca6698aq:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca8081_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca8081:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca8337_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca8337:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qcm6490_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qcm6490:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qcn6024_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qcn6024:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qcn9024_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qcn9024:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qcs6490_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qcs6490:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sd778g_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sd778g:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sdx57m_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sdx57m:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm7325p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm7325p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm4375_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm4375:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm4350_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm4350:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm4350-ac_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm4350-ac:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm6375_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm6375:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm7325_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm7325:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm7325-ae_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm7325-ae:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm7325-af_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm7325-af:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm8450_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm8450:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm8350_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm8350:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sm8350-ac_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sm8350-ac:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_x70_modem-rf_system_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_x70_modem-rf_system:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9370:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9375:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9380:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9385:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn3988:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8810:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8815:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8830:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8835:-:::::::*	0	OR

References

Reference URL	Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-33270
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33270

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 04:40:12				Added to TrackCVE
2023-04-18 15:00:40	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-04-24 17:00:43		2023-04-24T16:15:28	CVE Modified Date	updated
2023-04-24 17:00:43	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-04-24 17:00:45			Weakness Enumeration	new
2023-04-24 17:00:50			CPE Information	updated