high
7.8
CWE
1284 119
Advisory Published
CVE Published
Updated

CVE-2022-22072: Buffer Overflow

First published: Mon May 02 2022(Updated: )

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
Google Android
Qualcomm apq8009 firmware
Qualcomm apq8009
Qualcomm apq8017 firmware
Qualcomm apq8017
Qualcomm APQ8053 Firmware
Qualcomm APQ8053 Firmware
Qualcomm apq8096au firmware
Qualcomm apq8096au
Qualcomm ar8031 firmware
Qualcomm ar8031
Qualcomm csra6620 firmware
Qualcomm csra6620
Qualcomm csra6640 firmware
Qualcomm csra6640
Qualcomm MDM9150 firmware
Qualcomm MDM9150
Qualcomm MDM9206 firmware
Qualcomm MDM9206
Qualcomm mdm9250 firmware
Qualcomm mdm9250
Qualcomm MDM9607 firmware
Qualcomm MDM9607
Qualcomm mdm9626 firmware
Qualcomm mdm9626
Qualcomm mdm9628 firmware
Qualcomm mdm9628
Qualcomm MDM9650 firmware
Qualcomm MDM9650
qualcomm MSM8937 firmware
qualcomm MSM8937
Qualcomm pm8937 firmware
Qualcomm pm8937
qualcomm qca4020 firmware
qualcomm qca4020
Qualcomm qca6174a firmware
Qualcomm qca6174a
qualcomm qca6175a firmware
qualcomm qca6175a
qualcomm qca6310 firmware
qualcomm qca6310
qualcomm qca6320 firmware
qualcomm qca6320
Qualcomm qca6335 firmware
Qualcomm qca6335
Qualcomm qca6564a firmware
Qualcomm qca6564a
qualcomm qca6564au firmware
qualcomm qca6564au
qualcomm qca6574 firmware
qualcomm qca6574
qualcomm qca6574a firmware
qualcomm qca6574a
qualcomm qca6574au firmware
qualcomm qca6574au
Qualcomm qca9367 firmware
Qualcomm qca9367
Qualcomm qca9377 firmware
Qualcomm qca9377
qualcomm qca9379 firmware
qualcomm qca9379
Qualcomm QCS405 Firmware
Qualcomm QCS405 Firmware
Qualcomm qcs603 firmware
Qualcomm qcs603
Qualcomm QCS605 firmware
Qualcomm QCS605
Qualcomm sa515m firmware
Qualcomm sa515m
qualcomm sd670 firmware
qualcomm sd670
Qualcomm sd710 firmware
Qualcomm sd710
qualcomm sd820 Firmware
qualcomm sd820
Qualcomm sd835 firmware
Qualcomm sd835
Qualcomm sd845 firmware
Qualcomm sd845
Qualcomm SD 12 Firmware
qualcomm sdx12
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware
Qualcomm sdx24 firmware
Qualcomm sdx24
Qualcomm sdxr1 firmware
qualcomm sdxr1
Qualcomm wcd9326 firmware
Qualcomm wcd9326
Qualcomm wcd9330 firmware
Qualcomm wcd9330
Qualcomm wcd9335 firmware
qualcomm wcd9335
qualcomm wcd9340 firmware
qualcomm wcd9340
qualcomm wcd9341 firmware
qualcomm wcd9341
Qualcomm wcn3610 firmware
Qualcomm wcn3610
Qualcomm wcn3615 firmware
Qualcomm wcn3615
Qualcomm wcn3660b firmware
Qualcomm wcn3660b
Qualcomm wcn3680b firmware
Qualcomm wcn3680b
qualcomm wcn3980 firmware
Qualcomm Wcn3980
qualcomm wcn3990 firmware
qualcomm wcn3990
Qualcomm wcn3998 firmware
Qualcomm wcn3998
Qualcomm wcn3999 firmware
Qualcomm wcn3999
qualcomm wsa8810 firmware
qualcomm wsa8810
qualcomm wsa8815 firmware
qualcomm wsa8815

Remedy

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-22072?

    CVE-2022-22072 has a severity rating of High, due to the potential for buffer overflow exploitation.

  • How do I fix CVE-2022-22072?

    To fix CVE-2022-22072, update your device firmware to the latest version provided by Qualcomm or your device manufacturer.

  • What devices are affected by CVE-2022-22072?

    CVE-2022-22072 affects various Qualcomm Snapdragon platforms, including smartphones and connected devices utilizing affected firmware versions.

  • What type of vulnerability is CVE-2022-22072?

    CVE-2022-22072 is classified as a buffer overflow vulnerability, which can lead to remote code execution.

  • Is CVE-2022-22072 being actively exploited?

    While there are no current reports of active exploitation for CVE-2022-22072, it is recommended to apply updates to protect against potential attacks.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203