1. Home
  2. CVE Database
  3. CVE-2022-22095
HIGH · 8.4

CVE-2022-22095

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon In...

Vulnerability Description

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Score

8.4

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommApq8053 Firmware-
QualcommApq8053-
QualcommMsm8953 Firmware-
QualcommMsm8953-
QualcommQca6390 Firmware-
QualcommQca6390-
QualcommQca6391 Firmware-
QualcommQca6391-
QualcommQca6426 Firmware-
QualcommQca6426-
QualcommQca6436 Firmware-
QualcommQca6436-
QualcommQcm2290 Firmware-
QualcommQcm2290-
QualcommQcm4290 Firmware-
QualcommQcm4290-
QualcommQcs2290 Firmware-
QualcommQcs2290-
QualcommQcs4290 Firmware-
QualcommQcs4290-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2022-22095?

CVE-2022-22095 is a vulnerability with a CVSS score of 8.4 (HIGH). Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon In...

How severe is CVE-2022-22095?

CVE-2022-22095 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22095?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8053 Firmware, Qualcomm Apq8053, Qualcomm Msm8953 Firmware, Qualcomm Msm8953, Qualcomm Qca6390 Firmware.