CVE-2022-25738

Information disclosure in modem due to buffer over-red while performing checksum of packet received

CVSS v3.0 7.5 HIGH

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:mdm9207_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9207:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

Information

Published : 2023-02-11 20:15

Updated : 2023-02-21 10:00

NVD link : CVE-2022-25738

Mitre link : CVE-2022-25738

JSON object : View

CWE

CWE-125

Out-of-bounds Read

Products Affected

qualcomm

qca4024_firmware
wcd9335
wcn3998_firmware
mdm9607
ssg2125p_firmware
qca4010_firmware
wsa8815_firmware
qts110_firmware
wsa8815
mdm9607_firmware
csra6620_firmware
ssg2125p
wcd9335_firmware
wcd9306_firmware
qca4010
qca4020_firmware
wcn6855_firmware
wsa8835_firmware
wcn7851_firmware
wcd9380_firmware
wcn3999_firmware
ar8031
wcn6856_firmware
wsa8832
mdm9205
csra6640_firmware
wcn6856
mdm9206_firmware
wcn3998
mdm9207_firmware
mdm9206
wcd9385_firmware
sxr2230p_firmware
wcn3999
wsa8810_firmware
wcd9380
mdm9205_firmware
mdm8207_firmware
wcn7851
qca4004_firmware
wcd9385
wcd9306
sxr2230p
wcd9330
qca4004
qca4024
sxr1230p
wcn7850
wsa8830_firmware
wcn7850_firmware
wsa8810
ssg2115p_firmware
wsa8835
wsa8832_firmware
wcn6855
mdm9207
mdm8207
qca4020
qcs405_firmware
wcd9330_firmware
wsa8830
ssg2115p
csra6620
wcn3980_firmware
qts110
qcs405
sxr1230p_firmware
csra6640
wcn3980
ar8031_firmware

7.5 /10