CVE-2022-33287

CVSS V2 None CVSS V3 None

Description

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

Overview

CVE ID
CVE-2022-33287

Assigner
product-security@qualcomm.com

Vulnerability Status
Analyzed

Published Version
2023-04-13T07:15:16

Last Modified Date
2023-04-21T19:19:12

Weakness Enumerations

CWE	URL
CWE-125	http://cwe.mitre.org/data/definitions/125.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:9205_lte_modem:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:9206_lte_modem:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:9207_lte_modem:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:ar8031_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:ar8031:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:csra6620_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:csra6620:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:csra6640_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:csra6640:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn3998:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn685x-5:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn685x-1:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn785x-1:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn785x-5:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:home_hub_100_platform_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:home_hub_100_platform:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:mdm8207:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca4004:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca4010_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca4010:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qca4024_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qca4024:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qts110_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qts110:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:qcs400_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:qcs400:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:ssg2115p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:ssg2125p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sxr1230p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:sxr2230p:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9306:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9330:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9335_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9335:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9380:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcd9385:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn3980:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wcn3999_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wcn3999:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8810:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8815:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8830:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8832:-:::::::*	0	OR
		AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*	1	OR
cpe:2.3:h:qualcomm:wsa8835:-:::::::*	0	OR

References

Reference URL	Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-33287
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33287

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 04:40:23				Added to TrackCVE
2023-04-18 15:00:47	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-04-21 20:00:43		2023-04-21T19:19:12	CVE Modified Date	updated
2023-04-21 20:00:43	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-04-21 20:00:44			Weakness Enumeration	new
2023-04-21 20:00:48			CPE Information	updated