CVE-2022-25708
First published: Fri Sep 16 2022(Updated: )
Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivity, Snapdragon Mobile
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Qualcomm Sm8475 | ||
| Qualcomm Sd888 5g Firmware | ||
| Google Android | ||
| Qualcomm Sm7450 Firmware | ||
| Qualcomm Sm7450 | ||
| Qualcomm Wcd9370 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wcn6855 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wcn7850 Firmware | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wcn7851 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Wsa8832 Firmware | ||
| Qualcomm Wsa8832 | ||
| Google Android | ||
| Google Android | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-25708?
CVE-2022-25708 is a vulnerability that causes memory corruption in WLAN due to buffer copy without checking the size of the input while parsing keys in Snapdragon Connectivity and Snapdragon Mobile.
Which software is affected by CVE-2022-25708?
The affected software includes Google Android (Qualcomm sd_8_gen1_5g_firmware, Qualcomm Sd888 5g Firmware, Qualcomm Sm7450 Firmware, Qualcomm Wcd9370 Firmware, Qualcomm Wcd9375 Firmware, Qualcomm Wcd9380 Firmware, Qualcomm Wcd9385 Firmware, Qualcomm Wcn6855 Firmware, Qualcomm Wcn6856 Firmware, Qualcomm Wcn7850 Firmware, Qualcomm Wsa8832 Firmware) and Qualcomm Sm8475.
What is the severity of CVE-2022-25708?
CVE-2022-25708 has a severity rating of 9.8, which is considered critical.
How can I fix CVE-2022-25708?
To address CVE-2022-25708, it is recommended to apply the necessary security patches or updates provided by the software vendors and manufacturers.
Where can I find more information about CVE-2022-25708?
You can find more information about CVE-2022-25708 on the Qualcomm Product Security Bulletin for September 2022 and the Android Security Bulletin for September 2022.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm sm8475
- canonical/qualcomm sd888 5g firmware
- canonical/qualcomm sm7450 firmware
- canonical/qualcomm sm7450
- canonical/qualcomm wcd9370 firmware
- canonical/qualcomm wcn6855 firmware
- canonical/qualcomm wcn7850 firmware
- canonical/qualcomm wcn7851
- canonical/qualcomm wsa8832 firmware
- canonical/qualcomm wsa8832
- vendor/google