1. Home
  2. CVE Database
  3. CVE-2022-33257
CRITICAL · 9.3

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Vulnerability Description

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

CVSS Score

9.3

CRITICAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommAqt1000 Firmware-
QualcommAqt1000-
QualcommAr8031 Firmware-
QualcommAr8031-
QualcommAr8035 Firmware-
QualcommAr8035-
QualcommCsra6620 Firmware-
QualcommCsra6620-
QualcommCsra6640 Firmware-
QualcommCsra6640-
QualcommMdm9205 Firmware-
QualcommMdm9205-
QualcommQam8295P Firmware-
QualcommQam8295P-
QualcommQca4004 Firmware-
QualcommQca4004-
QualcommQca6174A Firmware-
QualcommQca6174A-
QualcommQca6310 Firmware-
QualcommQca6310-

Related Weaknesses (CWE)

CWE-367

References

FAQ

What is CVE-2022-33257?

CVE-2022-33257 is a vulnerability with a CVSS score of 9.3 (CRITICAL). Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

How severe is CVE-2022-33257?

CVE-2022-33257 has been rated CRITICAL with a CVSS base score of 9.3/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-33257?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Ar8031 Firmware, Qualcomm Ar8031, Qualcomm Ar8035 Firmware.