Vulnerability Description
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CVSS Score
8.4
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 8 Gen1 5G Firmware | - |
| Qualcomm | Sm8475 | - |
| Qualcomm | Sd865 5G Firmware | - |
| Qualcomm | Sd865 5G | - |
| Qualcomm | Sd888 5G Firmware | - |
| Qualcomm | Sd888 5G | - |
| Qualcomm | Sdx65 Firmware | - |
| Qualcomm | Sdx65 | - |
| Qualcomm | Sm7450 Firmware | - |
| Qualcomm | Sm7450 | - |
| Qualcomm | Sm8475 Firmware | - |
| Qualcomm | Sm8475P Firmware | - |
| Qualcomm | Sm8475P | - |
| Qualcomm | Wcd9370 Firmware | - |
| Qualcomm | Wcd9370 | - |
| Qualcomm | Wcd9375 Firmware | - |
| Qualcomm | Wcd9375 | - |
| Qualcomm | Wcd9380 Firmware | - |
| Qualcomm | Wcd9380 | - |
| Qualcomm | Wcd9385 Firmware | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletinVendor Advisory
FAQ
What is CVE-2022-22090?
CVE-2022-22090 is a vulnerability with a CVSS score of 8.4 (HIGH). Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
How severe is CVE-2022-22090?
CVE-2022-22090 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22090?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 8 Gen1 5G Firmware, Qualcomm Sm8475, Qualcomm Sd865 5G Firmware, Qualcomm Sd865 5G, Qualcomm Sd888 5G Firmware.