CVE-2022-22081

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Qualcomm embedded platform software (affected versions not specified)

Description The issue is related to a component in the audio microcode of Qualcomm's embedded platforms, which lacks buffer length checks and is vulnerable to out-of-bounds memory reads. This can be exploited to cause a denial of service or potentially execute arbitrary code. The problem is also described as memory corruption in the audio module due to an integer overflow, affecting various Snapdragon products.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Over-read

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-126CWE-190

Related Identifiers

BDU:2022-06021

CVE-2022-22081

Affected Products

Qualcomm Embedded Platform

Snapdragon

CVE-2022-22081

Weakness Enumeration

Related Identifiers

Affected Products

References · 6