Kailua Firmware
CVE-2022-25750
HIGH
Severity by source
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile
AnalysisAI
Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-415. Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile Affected products include: Qualcomm Kailua Firmware, Qualcomm Sg8275 Firmware, Qualcomm Sg8275P Firmware, Qualcomm Sm8550 Firmware, Qualcomm Wcd9380 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same weakness CWE-415 – Double Free
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today