Vulnerability Description
Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Wcn3991 Firmware | - |
| Qualcomm | Wcn3991 | - |
| Qualcomm | Wcn3998 Firmware | - |
| Qualcomm | Wcn3998 | - |
| Qualcomm | Wcn685X-5 Firmware | - |
| Qualcomm | Wcn685X-5 | - |
| Qualcomm | Wcn685X-1 Firmware | - |
| Qualcomm | Wcn685X-1 | - |
| Qualcomm | Wcn785X-1 Firmware | - |
| Qualcomm | Wcn785X-1 | - |
| Qualcomm | Wcn785X-5 Firmware | - |
| Qualcomm | Wcn785X-5 | - |
| Qualcomm | Qam8255P Firmware | - |
| Qualcomm | Qam8255P | - |
| Qualcomm | Qca6420 Firmware | - |
| Qualcomm | Qca6420 | - |
| Qualcomm | Qca6430 Firmware | - |
| Qualcomm | Qca6430 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin (Vendor Advisory)
FAQ
What is CVE-2022-33226?
CVE-2022-33226 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.
How severe is CVE-2022-33226?
CVE-2022-33226 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-33226?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Wcn3991 Firmware, Qualcomm Wcn3991, Qualcomm Wcn3998 Firmware.