What is the severity of CVE-2022-25717?

CVE-2022-25717 has been rated as a moderate severity vulnerability due to potential memory corruption issues.

How do I fix CVE-2022-25717?

To resolve CVE-2022-25717, users should upgrade to the latest firmware provided by Qualcomm for the affected devices.

What devices are impacted by CVE-2022-25717?

CVE-2022-25717 affects various Qualcomm firmware, including those for models like apq8096au and others listed in the vulnerability details.

What type of vulnerability is CVE-2022-25717?

CVE-2022-25717 is categorized as a memory corruption vulnerability due to a double free issue.

Is CVE-2022-25717 exploitable remotely?

Yes, CVE-2022-25717 could potentially be exploited remotely, allowing attackers to affect the affected systems.

Vulnerability/
CVE-2022-25717

high

7.8

CWE

415

6/1/2023

3/8/2024

CVE-2022-25717: Use-After-Free Issue in Display

First published: Fri Jan 06 2023(Updated: )

Memory corruption in display due to double free while allocating frame buffer memory

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Qualcomm APQ8096AU Firmware
Qualcomm APQ8096AU Firmware
Qualcomm AQT1000 Firmware
Qualcomm AQT1000 Firmware
Qualcomm MDM9150 Firmware
Qualcomm MDM9150 firmware
Qualcomm MDM9250
Qualcomm MDM9250 Firmware
Qualcomm MDM9650
Qualcomm MDM9650 firmware
qualcomm MSM8996AU firmware
Qualcomm MSM8996AU Firmware
Qualcomm QCA6391 Firmware
Qualcomm QCA6391 Firmware
Qualcomm QCA6420 Firmware
Qualcomm QCA6420 Firmware
Qualcomm QCA6430 firmware
Qualcomm QCA6430 firmware
Qualcomm QCA6564A
Qualcomm QCA6564A Firmware
Qualcomm QCA6564AU Firmware
Qualcomm QCA6564A
Qualcomm QCA6574A Firmware
qualcomm qca6574a firmware
Qualcomm QCA6574 Firmware
Qualcomm QCA6574AU
Qualcomm QCA8337 Firmware
Qualcomm QCA8337 Firmware
Qualcomm QCN9074 Firmware
Qualcomm QCN9074 Firmware
Qualcomm QCS410 Firmware
Qualcomm QCS410 Firmware
Qualcomm QCS610 Firmware
Qualcomm QCS610 Firmware
Qualcomm QCS8155
Qualcomm QCS8155 Firmware
Qualcomm 215 Mobile Firmware
Qualcomm 215 Firmware
Qualcomm SA515M Firmware
Qualcomm SA515M Firmware
Qualcomm SA8155
Qualcomm SA8155P Firmware
Qualcomm 205 Firmware
Qualcomm Snapdragon 205
Qualcomm SD 210 Firmware
Qualcomm SD210 Firmware
Qualcomm SD429
Qualcomm SD429 Firmware
Qualcomm Snapdragon 835
Qualcomm Snapdragon 835
Qualcomm Snapdragon 855
Qualcomm Snapdragon 855
Qualcomm SDA429W Firmware
Qualcomm SDA429W Firmware
Qualcomm SDM429W
qualcomm SDM429W firmware
Qualcomm SDX55M Firmware
Qualcomm SDX55 Firmware
Qualcomm SDXR1
Qualcomm SDXR1 Firmware
Qualcomm WCD9326
Qualcomm WCD9326 Firmware
Qualcomm WCD9335 Firmware
Qualcomm WCD9335 Firmware
Qualcomm WCD9340 Firmware
Qualcomm WCD9340 Firmware
Qualcomm WCD9341
Qualcomm WCD9341 Firmware
Qualcomm WCD9370 Firmware
Qualcomm WCD9370 Firmware
Qualcomm WCN3610 Firmware
Qualcomm WCN3610 Firmware
Qualcomm WCN3620 Firmware
Qualcomm WCN3620 Firmware
Qualcomm WCN3660B
Qualcomm WCN3660B Firmware
Qualcomm WCN3680B Firmware
Qualcomm WCN3680B Firmware
Qualcomm WCN3950 Firmware
Qualcomm WCN3950 Firmware
Qualcomm Wcn3980
Qualcomm WCN3980
Qualcomm WCN3990
Qualcomm WCN3990
Qualcomm WCN3998 Firmware
Qualcomm wcn3998 firmware
Qualcomm WSA8810
Qualcomm WSA8810 Firmware
Qualcomm WSA8815 Firmware
Qualcomm WSA8815 Firmware

Remedy

https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

Never miss a vulnerability like this again

Reference Links

https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin

Frequently Asked Questions

What is the severity of CVE-2022-25717?
CVE-2022-25717 has been rated as a moderate severity vulnerability due to potential memory corruption issues.
How do I fix CVE-2022-25717?
To resolve CVE-2022-25717, users should upgrade to the latest firmware provided by Qualcomm for the affected devices.
What devices are impacted by CVE-2022-25717?
CVE-2022-25717 affects various Qualcomm firmware, including those for models like apq8096au and others listed in the vulnerability details.
What type of vulnerability is CVE-2022-25717?
CVE-2022-25717 is categorized as a memory corruption vulnerability due to a double free issue.
Is CVE-2022-25717 exploitable remotely?
Yes, CVE-2022-25717 could potentially be exploited remotely, allowing attackers to affect the affected systems.