Sd 8 Gen1 5g Firmware
CVE-2022-25723
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile
AnalysisAI
Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile Affected products include: Qualcomm Sd 8 Gen1 5G Firmware, Qualcomm Wcd9380 Firmware, Qualcomm Wcn6855 Firmware, Qualcomm Wcn6856 Firmware, Qualcomm Wcn7850 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
More in Sd 8 Gen1 5g Firmware
View allMemory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. Rated critical severity
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Rated critical severity (CVSS 9.8), this
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr
Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivit
Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, S
Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Comput
Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snap
Same weakness CWE-416 – Use After Free
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today