CVE-2022-22090: Use After Free
First published: Mon Jun 06 2022(Updated: )
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Qualcomm Sm8475 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sd888 5g Firmware | ||
| Google Android | ||
| Qualcomm Sdx65 Firmware | ||
| Qualcomm Sdx65 | ||
| Qualcomm Sm7450 Firmware | ||
| Qualcomm Sm7450 | ||
| Qualcomm Sm8475 Firmware | ||
| Qualcomm Sm8475p Firmware | ||
| Qualcomm Sm8475p | ||
| Qualcomm Wcd9370 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wcn6855 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wcn7850 Firmware | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wcn7851 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wsa8832 Firmware | ||
| Qualcomm Wsa8832 | ||
| Google Android | ||
| Google Android | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22090?
CVE-2022-22090 is a vulnerability that allows for memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile.
Which software and devices are affected by CVE-2022-22090?
CVE-2022-22090 affects Google Android, Qualcomm SD 8 Gen1 5G Firmware, Qualcomm SD865 5G Firmware, Qualcomm SD888 5G Firmware, Qualcomm SDX65 Firmware, Qualcomm SM7450 Firmware, Qualcomm SM8475 Firmware, Qualcomm SM8475p Firmware, Qualcomm WCD9370 Firmware, Qualcomm WCD9375 Firmware, Qualcomm WCD9380 Firmware, Qualcomm WCD9385 Firmware, Qualcomm WCN6750 Firmware, Qualcomm WCN6850 Firmware, Qualcomm WCN6851 Firmware, Qualcomm WCN6855 Firmware, Qualcomm WCN6856 Firmware, Qualcomm WCN7850 Firmware, Qualcomm WCN7851 Firmware, Qualcomm WSA8810 Firmware, Qualcomm WSA8815 Firmware, Qualcomm WSA8830 Firmware, Qualcomm WSA8832 Firmware, and Qualcomm WSA8835 Firmware.
What is the severity of CVE-2022-22090?
CVE-2022-22090 has a severity rating of 7 out of 10 (high).
How can I fix CVE-2022-22090?
To fix CVE-2022-22090, it is recommended to apply the patches provided by Google Android or Qualcomm based on your affected software or device.
Where can I find more information about CVE-2022-22090?
You can find more information about CVE-2022-22090 on the official Android Security Bulletin for June 2022 and the Qualcomm Product Security Bulletins for June 2022.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/softwarecombine
- agent/event
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm sm8475
- canonical/qualcomm sd888 5g firmware
- canonical/qualcomm sdx65 firmware
- canonical/qualcomm sdx65
- canonical/qualcomm sm7450 firmware
- canonical/qualcomm sm7450
- canonical/qualcomm sm8475 firmware
- canonical/qualcomm sm8475p firmware
- canonical/qualcomm sm8475p
- canonical/qualcomm wcd9370 firmware
- canonical/qualcomm wcn6855 firmware
- canonical/qualcomm wcn7850 firmware
- canonical/qualcomm wcn7851
- canonical/qualcomm wsa8832 firmware
- canonical/qualcomm wsa8832
- vendor/google