CVE-2022-40540

HIGH

Qualcomm SD 8 Gen1 5G Firmware - Buffer Overflow

Title source: rule
STIX 2.1

Description

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.

References (3)

Core 3

Scores

CVSS v3 8.4
EPSS 0.0009
EPSS Percentile 25.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (16)
qualcomm/sd888_5g_firmware
qualcomm/sd_8_gen1_5g_firmware
qualcomm/sw5100_firmware
qualcomm/sw5100p_firmware
qualcomm/wcd9380_firmware
qualcomm/wcd9385_firmware
qualcomm/wcn3980_firmware
qualcomm/wcn3988_firmware
qualcomm/wcn6850_firmware
qualcomm/wcn6851_firmware
... and 6 more
Published Mar 10, 2023
Tracked Since Feb 18, 2026