What is the severity of CVE-2022-25698?

The severity of CVE-2022-25698 is high with a CVSS score of 7.8.

Which devices are affected by CVE-2022-25698?

Devices running Snapdragon Mobile or Snapdragon Wearables with specific firmware versions are affected.

How does CVE-2022-25698 impact the affected devices?

CVE-2022-25698 can lead to memory corruption in SPI buses, potentially resulting in security vulnerabilities or system instability.

How can I fix CVE-2022-25698?

To fix CVE-2022-25698, it is recommended to apply the security updates provided by Qualcomm or Google and follow the guidelines given in the referenced bulletins.

Where can I find more information about CVE-2022-25698?

You can find more information about CVE-2022-25698 in the December 2022 bulletin from Qualcomm and the associated Android Security Bulletin for December 2022.

Vulnerability/
CVE-2022-25698

high

8.4

CWE

20 787

5/12/2022

13/12/2022

22/4/2025

CVE-2022-25698: Input Validation

First published: Mon Dec 05 2022(Updated: )

Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Qualcomm Snapdragon 8 Gen 1 Firmware
Qualcomm SM8475P
Qualcomm SD429
Qualcomm SD429 Firmware
Qualcomm SDA429W Firmware
Qualcomm SDA429W Firmware
Qualcomm SDM429W
qualcomm SDM429W firmware
Qualcomm WCD9380
Qualcomm WCD9380 Firmware
Qualcomm WCN3610 Firmware
Qualcomm WCN3610 Firmware
Qualcomm WCN3620 Firmware
Qualcomm WCN3620 Firmware
Qualcomm WCN3660B
Qualcomm WCN3660B Firmware
Qualcomm WCN3680B Firmware
Qualcomm WCN3680B Firmware
Qualcomm Wcn3980
Qualcomm WCN3980
Qualcomm WCN6855 Firmware
Qualcomm WCN6855 Firmware
Qualcomm WCN6856 Firmware
Qualcomm WCN6856 Firmware
Qualcomm WCN7850 Firmware
Qualcomm WCN7850 Firmware
Qualcomm WCN7851
Qualcomm WCN7851 Firmware
Qualcomm WSA8830
Qualcomm WSA8830
Qualcomm WSA8835
Qualcomm WSA8835 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-25698?
The severity of CVE-2022-25698 is high with a CVSS score of 7.8.
Which devices are affected by CVE-2022-25698?
Devices running Snapdragon Mobile or Snapdragon Wearables with specific firmware versions are affected.
How does CVE-2022-25698 impact the affected devices?
CVE-2022-25698 can lead to memory corruption in SPI buses, potentially resulting in security vulnerabilities or system instability.
How can I fix CVE-2022-25698?
To fix CVE-2022-25698, it is recommended to apply the security updates provided by Qualcomm or Google and follow the guidelines given in the referenced bulletins.
Where can I find more information about CVE-2022-25698?
You can find more information about CVE-2022-25698 in the December 2022 bulletin from Qualcomm and the associated Android Security Bulletin for December 2022.

agent/type
agent/first-publish-date
agent/author
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/event
agent/source
agent/weakness
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/android-source
source/Android
vendor/qualcomm
canonical/qualcomm snapdragon 8 gen 1 firmware
canonical/qualcomm sm8475p
canonical/qualcomm sd429
canonical/qualcomm sd429 firmware
canonical/qualcomm sda429w firmware
canonical/qualcomm sdm429w
canonical/qualcomm sdm429w firmware
canonical/qualcomm wcd9380
canonical/qualcomm wcd9380 firmware
canonical/qualcomm wcn3610 firmware
canonical/qualcomm wcn3620 firmware
canonical/qualcomm wcn3660b
canonical/qualcomm wcn3660b firmware
canonical/qualcomm wcn3680b firmware
canonical/qualcomm wcn3980
canonical/qualcomm wcn6855 firmware
canonical/qualcomm wcn6856 firmware
canonical/qualcomm wcn7850 firmware
canonical/qualcomm wcn7851
canonical/qualcomm wcn7851 firmware
canonical/qualcomm wsa8830
canonical/qualcomm wsa8835
canonical/qualcomm wsa8835 firmware
vendor/google