First published: Fri Sep 16 2022(Updated: )
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm Apq8096au Firmware | ||
Qualcomm Apq8096au | ||
Qualcomm Mdm9650 Firmware | ||
Qualcomm Mdm9650 | ||
Qualcomm Qca6174a Firmware | ||
Qualcomm Qca6174a | ||
Qualcomm Qca6574au Firmware | ||
Qualcomm Qca6574au | ||
Qualcomm Qcs603 Firmware | ||
Qualcomm Qcs603 | ||
Qualcomm Qcs605 Firmware | ||
Qualcomm Qcs605 | ||
Qualcomm Qualcomm215 Firmware | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Sd820 Firmware | ||
Qualcomm Sd820 | ||
Qualcomm Sdm429w Firmware | ||
Qualcomm Sdm429w | ||
Qualcomm Wcd9326 Firmware | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Wcd9341 Firmware | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Wcn3620 | ||
Google Android | ||
Google Android | ||
Qualcomm Wcn3680 Firmware | ||
Qualcomm Wcn3680 | ||
Google Android | ||
Google Android | ||
Qualcomm Wcn3990 Firmware | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-25654 is a vulnerability that causes memory corruption in the kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables.
CVE-2022-25654 has a severity value of 6.7, which is considered medium.
CVE-2022-25654 affects the Qualcomm Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, and Snapdragon Wearables platforms.
To fix CVE-2022-25654, it is recommended to apply the security patch provided by Qualcomm. Refer to the official bulletin for more information.
CVE-2022-25654 is associated with CWE-20 and CWE-787.