Vulnerability Description
Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca6426 Firmware | - |
| Qualcomm | Qca6426 | - |
| Qualcomm | Qca6436 Firmware | - |
| Qualcomm | Qca6436 | - |
| Qualcomm | Qca6574 Firmware | - |
| Qualcomm | Qca6574 | - |
| Qualcomm | Qca6574A Firmware | - |
| Qualcomm | Qca6574A | - |
| Qualcomm | Qca6574Au Firmware | - |
| Qualcomm | Qca6574Au | - |
| Qualcomm | Qca6595Au Firmware | - |
| Qualcomm | Qca6595Au | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/september-2022-bullePatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/september-2022-bullePatchVendor Advisory
FAQ
What is CVE-2022-25656?
CVE-2022-25656 is a vulnerability with a CVSS score of 8.4 (HIGH). Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Co...
How severe is CVE-2022-25656?
CVE-2022-25656 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-25656?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Qca6174A Firmware, Qualcomm Qca6174A, Qualcomm Qca6390 Firmware.