Vulnerability Description
Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Sd 675 Firmware | - |
| Qualcomm | Sd 675 | - |
| Qualcomm | Sd 8 Gen1 5G Firmware | - |
| Qualcomm | Sm8475 | - |
| Qualcomm | Sd460 Firmware | - |
| Qualcomm | Sd460 | - |
| Qualcomm | Sd480 Firmware | - |
| Qualcomm | Sd480 | - |
| Qualcomm | Sd662 Firmware | - |
| Qualcomm | Sd662 | - |
| Qualcomm | Sd665 Firmware | - |
| Qualcomm | Sd665 | - |
| Qualcomm | Sd675 Firmware | - |
| Qualcomm | Sd675 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletinPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletinPatchVendor Advisory
FAQ
What is CVE-2022-22096?
CVE-2022-22096 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
How severe is CVE-2022-22096?
CVE-2022-22096 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-22096?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Qca6390 Firmware, Qualcomm Qca6390, Qualcomm Qca6391 Firmware.