CVE-2022-33297

Information disclosure due to buffer overread in Linux sensors

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_835_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_835_mobile_platform:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

History

12 Apr 2024, 17:16

Type	Values Removed	Values Added
CWE		CWE-126

Information

Published : 2023-04-13 07:15

Updated : 2024-04-12 17:16

NVD link : CVE-2022-33297

Mitre link : CVE-2022-33297

CVE.ORG link : CVE-2022-33297

JSON object : View

Products Affected

qualcomm

qca6310
snapdragon_835_mobile_platform_firmware
wcd9335
wsa8815_firmware
wsa8810_firmware
wcd9340
wcn3990
qca6310_firmware
wcn3990_firmware
sd835_firmware
wcd9341_firmware
sd835
qca6320_firmware
qca6320
snapdragon_835_mobile_platform
wcd9340_firmware
wsa8815
wsa8810
wcd9341
wcd9335_firmware

CWE

CWE-125

Out-of-bounds Read

CWE-126

Buffer Over-read

{"id": "CVE-2022-33297", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "product-security@qualcomm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 2.5}]}, "published": "2023-04-13T07:15:18.913", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin", "tags": ["Vendor Advisory"], "source": "product-security@qualcomm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}, {"type": "Secondary", "source": "product-security@qualcomm.com", "description": [{"lang": "en", "value": "CWE-126"}]}], "descriptions": [{"lang": "en", "value": "Information disclosure due to buffer overread in Linux sensors"}], "lastModified": "2024-04-12T17:16:25.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_platform_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FC405AC-8196-490F-B6B9-8067BB8B0C8A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_platform:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B639DD76-26BC-4A9B-8E09-D71ACF35A284"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}