Vulnerability Description
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Ar8031 Firmware | - |
| Qualcomm | Ar8031 | - |
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Ar9380 Firmware | - |
| Qualcomm | Ar9380 | - |
| Qualcomm | Csr8811 Firmware | - |
| Qualcomm | Csr8811 | - |
| Qualcomm | Csra6620 Firmware | - |
| Qualcomm | Csra6620 | - |
| Qualcomm | Csra6640 Firmware | - |
| Qualcomm | Csra6640 | - |
| Qualcomm | Csrb31024 Firmware | - |
| Qualcomm | Csrb31024 | - |
| Qualcomm | Ipq5010 Firmware | - |
| Qualcomm | Ipq5010 | - |
| Qualcomm | Ipq5018 Firmware | - |
| Qualcomm | Ipq5018 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletVendor Advisory
FAQ
What is CVE-2022-40514?
CVE-2022-40514 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
How severe is CVE-2022-40514?
CVE-2022-40514 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-40514?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Ar8031 Firmware, Qualcomm Ar8031, Qualcomm Ar8035 Firmware.