CVE-2022-22096

Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd720g:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

Configuration 49 (hide)

AND
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND
cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND
cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*

Configuration 53 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 54 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 55 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 56 (hide)

AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 57 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:46

Type Values Removed Values Added
References () https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin - Patch, Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin - Patch, Vendor Advisory

Information

Published : 2022-09-02 12:15

Updated : 2024-11-21 06:46


NVD link : CVE-2022-22096

Mitre link : CVE-2022-22096

CVE.ORG link : CVE-2022-22096


JSON object : View

Products Affected

qualcomm

  • qca6390_firmware
  • sm7325p
  • wcn3998
  • wcn6750
  • wcn6851_firmware
  • wcd9380
  • wcd9380_firmware
  • wcn3998_firmware
  • sd665
  • sd480_firmware
  • sm7450
  • sd888_5g
  • wcn6740_firmware
  • sm8475
  • qca6390
  • wcd9341_firmware
  • wsa8830
  • sd460
  • sd768g_firmware
  • sd865_5g
  • sd778g_firmware
  • wcn6850
  • qca6391_firmware
  • wcn7851_firmware
  • wcn7850
  • sd778g
  • wsa8815_firmware
  • sd662
  • sd680_firmware
  • wcd9370
  • sd870
  • sm7325p_firmware
  • wsa8810_firmware
  • sd690_5g
  • sd695
  • sd678_firmware
  • sd_8_gen1_5g_firmware
  • sm7250p_firmware
  • wcn3980
  • wsa8830_firmware
  • sm7450_firmware
  • sd_675
  • wcn3950_firmware
  • sd865_5g_firmware
  • aqt1000_firmware
  • wcd9370_firmware
  • sm8475_firmware
  • wcn7851
  • sd768g
  • sd888_firmware
  • wcn3980_firmware
  • sd720g
  • sd780g
  • wcn3991
  • sd690_5g_firmware
  • wcn3988
  • sd888_5g_firmware
  • wcn7850_firmware
  • sd730
  • qca6391
  • aqt1000
  • wcd9385_firmware
  • sd480
  • wcn6856_firmware
  • wcn3950
  • wcn3988_firmware
  • sdx55m
  • wsa8810
  • wsa8835_firmware
  • sd675
  • wcn6740
  • sd765_firmware
  • sd720g_firmware
  • sm6250
  • sd_675_firmware
  • wcn6855_firmware
  • wsa8835
  • sm7250p
  • sd675_firmware
  • sd695_firmware
  • wcn6850_firmware
  • sm6250_firmware
  • wcd9341
  • sd730_firmware
  • sd680
  • wcn6856
  • wcn6855
  • wcd9375
  • sd765g_firmware
  • sd665_firmware
  • sd460_firmware
  • sd765
  • sd870_firmware
  • wcn6750_firmware
  • sd662_firmware
  • wcd9375_firmware
  • wsa8815
  • wcn3991_firmware
  • sdx55m_firmware
  • sd888
  • wsa8832_firmware
  • wcd9385
  • wsa8832
  • sm8475p_firmware
  • sm7315_firmware
  • wcn6851
  • sm7315
  • sd678
  • sd780g_firmware
  • sd765g
  • sd855
  • sd855_firmware
  • sm8475p
CWE
CWE-787

Out-of-bounds Write