CVE-2022-33281: Improper validation of array index in computer vision.
First published: Tue May 02 2023(Updated: )
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.
Credit: product-security@qualcomm.com product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm Wcn685x-5 Firmware | ||
| Qualcomm Wcn685x-5 | ||
| Qualcomm Wcn685x-1 Firmware | ||
| Qualcomm Wcn685x-1 | ||
| Qualcomm Wcn785x-1 Firmware | ||
| Qualcomm Wcn785x-1 | ||
| Qualcomm Wcn785x-5 Firmware | ||
| Qualcomm Wcn785x-5 | ||
| Qualcomm Sm8450 Firmware | ||
| Qualcomm Sm8450 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| All of | ||
| Qualcomm Wcn685x-5 | ||
| Qualcomm Wcn685x-5 Firmware | ||
| All of | ||
| Qualcomm Wcn685x-1 | ||
| Qualcomm Wcn685x-1 Firmware | ||
| All of | ||
| Qualcomm Wcn785x-1 | ||
| Qualcomm Wcn785x-1 Firmware | ||
| All of | ||
| Qualcomm Wcn785x-5 | ||
| Qualcomm Wcn785x-5 Firmware | ||
| All of | ||
| Qualcomm Sm8450 | ||
| Qualcomm Sm8450 Firmware | ||
| All of | ||
| Google Android | ||
| Google Android | ||
| All of | ||
| Google Android | ||
| Google Android | ||
| All of | ||
| Google Android | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-33281?
CVE-2022-33281 is a vulnerability that allows memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.
Which software is affected by CVE-2022-33281?
The Qualcomm Wcn685x-5 Firmware, Qualcomm Wcn685x-1 Firmware, Qualcomm Wcn785x-1 Firmware, Qualcomm Wcn785x-5 Firmware, Qualcomm Sm8450 Firmware, Google Android (Wcd9380), Google Android (Wsa8830), and Google Android (Wsa8835) are affected by CVE-2022-33281.
What is the severity of CVE-2022-33281?
The severity of CVE-2022-33281 is high with a CVSS score of 7.8.
How can I fix CVE-2022-33281?
To fix CVE-2022-33281, it is recommended to apply the latest security updates provided by Qualcomm. Please refer to the official Qualcomm Bulletin for more information.
What is CWE-129?
CWE-129 refers to the vulnerability known as 'Improper Validation of Array Index' where improper validation of array indexes used for accessing memory can lead to memory corruption and other security issues.
- collector/nvd-latest
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/title
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/qualcomm
- canonical/qualcomm wcn685x-5 firmware
- canonical/qualcomm wcn685x-5
- canonical/qualcomm wcn685x-1 firmware
- canonical/qualcomm wcn685x-1
- canonical/qualcomm wcn785x-1 firmware
- canonical/qualcomm wcn785x-1
- canonical/qualcomm wcn785x-5 firmware
- canonical/qualcomm wcn785x-5
- canonical/qualcomm sm8450 firmware
- canonical/qualcomm sm8450
- canonical/google android