CVE-2022-22057

HIGH

Qualcomm APQ8053 Firmware - Use-After-Free via Graphics Fence Race Condition

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-22057. PoCs published by diabl0w.

AI-analyzed exploit summary This repository contains a working exploit for CVE-2022-22057, a vulnerability in the Qualcomm kgsl driver allowing arbitrary kernel memory read/write, SELinux bypass, and root access. It includes a modified version for Samsung SM-F926U and a persistence daemon.

Description

Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Exploits (1)

nomisec WORKING POC 10 stars
by diabl0w · poc
https://github.com/diabl0w/CVE-2022-22057_SM-F926U

This repository contains a working exploit for CVE-2022-22057, a vulnerability in the Qualcomm kgsl driver allowing arbitrary kernel memory read/write, SELinux bypass, and root access. It includes a modified version for Samsung SM-F926U and a persistence daemon.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Qualcomm kgsl driver on Samsung Galaxy Z Flip 3 (SM-F711B) and SM-F926U with firmware near F926UXXS1BUL6
No auth needed
Prerequisites: Device with vulnerable firmware · ADB access · Compiled exploit binaries
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Scores

CVSS v3 8.4
EPSS 0.0040
EPSS Percentile 32.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (50)
qualcomm/apq8053_firmware
qualcomm/ar8035_firmware
qualcomm/msm8953_firmware
qualcomm/qca6174a_firmware
qualcomm/qca6390_firmware
qualcomm/qca6391_firmware
qualcomm/qca6426_firmware
qualcomm/qca6436_firmware
qualcomm/qca6595au_firmware
qualcomm/qca8081_firmware
... and 40 more
Published Jun 14, 2022
Tracked Since Feb 18, 2026