CVE-2022-25660

HIGH

Qualcomm Aqt1000 Firmware - Double Free

Title source: rule

Description

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin

Scores

CVSS v3 7.8

EPSS 0.0012

EPSS Percentile 30.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (50)

qualcomm/aqt1000_firmware

qualcomm/ar8035_firmware

qualcomm/qam8295p_firmware

qualcomm/qca6174a_firmware

qualcomm/qca6310_firmware

qualcomm/qca6335_firmware

qualcomm/qca6390_firmware

qualcomm/qca6391_firmware

qualcomm/qca6420_firmware

qualcomm/qca6421_firmware

qualcomm/qca6426_firmware

qualcomm/qca6430_firmware

qualcomm/qca6431_firmware

qualcomm/qca6436_firmware

qualcomm/qca6564a_firmware

... and 35 more

Timeline

Published Oct 19, 2022

Tracked Since Feb 18, 2026