CVE-2022-22067

HIGH

Snapdragon Auto-Compute-Mobile - Memory Corruption

Title source: llm

Description

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin

Scores

CVSS v3 7.5

EPSS 0.0022

EPSS Percentile 44.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (50)

qualcomm/ar8035_firmware

qualcomm/qca6390_firmware

qualcomm/qca6391_firmware

qualcomm/qca6421_firmware

qualcomm/qca6426_firmware

qualcomm/qca6431_firmware

qualcomm/qca6436_firmware

qualcomm/qca6574a_firmware

qualcomm/qca6574au_firmware

qualcomm/qca6595au_firmware

qualcomm/qca6696_firmware

qualcomm/qca8081_firmware

qualcomm/qca8337_firmware

qualcomm/sa515m_firmware

qualcomm/sd_8_gen1_5g_firmware

... and 35 more

Timeline

Published Sep 02, 2022

Tracked Since Feb 18, 2026