1. Home
  2. CVE Database
  3. CVE-2022-22105
CRITICAL · 9.4

CVE-2022-22105

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

Vulnerability Description

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVSS Score

9.4

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
QualcommApq8009 Firmware-
QualcommApq8009-
QualcommApq8017 Firmware-
QualcommApq8017-
QualcommApq8053 Firmware-
QualcommApq8053-
QualcommApq8096Au Firmware-
QualcommApq8096Au-
QualcommAr8031 Firmware-
QualcommAr8031-
QualcommCsra6620 Firmware-
QualcommCsra6620-
QualcommCsra6640 Firmware-
QualcommCsra6640-
QualcommCsrb31024 Firmware-
QualcommCsrb31024-
QualcommMdm9150 Firmware-
QualcommMdm9150-
QualcommMdm9250 Firmware-
QualcommMdm9250-

Related Weaknesses (CWE)

CWE-190

References

FAQ

What is CVE-2022-22105?

CVE-2022-22105 is a vulnerability with a CVSS score of 9.4 (CRITICAL). Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

How severe is CVE-2022-22105?

CVE-2022-22105 has been rated CRITICAL with a CVSS base score of 9.4/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-22105?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8009 Firmware, Qualcomm Apq8009, Qualcomm Apq8017 Firmware, Qualcomm Apq8017, Qualcomm Apq8053 Firmware.