Vulnerability Description
Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Mdm9150 Firmware | - |
| Qualcomm | Mdm9150 | - |
| Qualcomm | Qca6310 Firmware | - |
| Qualcomm | Qca6310 | - |
| Qualcomm | Qca6335 Firmware | - |
| Qualcomm | Qca6335 | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca6420 Firmware | - |
| Qualcomm | Qca6420 | - |
| Qualcomm | Qca6426 Firmware | - |
| Qualcomm | Qca6426 | - |
| Qualcomm | Qca6430 Firmware | - |
| Qualcomm | Qca6430 | - |
| Qualcomm | Qca6436 Firmware | - |
| Qualcomm | Qca6436 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletPatchVendor Advisory
FAQ
What is CVE-2022-25712?
CVE-2022-25712 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
How severe is CVE-2022-25712?
CVE-2022-25712 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-25712?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Mdm9150 Firmware, Qualcomm Mdm9150, Qualcomm Qca6310 Firmware.