CVE-2022-33281: Improper validation of array index in computer vision.
First published: Tue May 02 2023(Updated: )
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.
Credit: product-security@qualcomm.com product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm WCN685X-5 Firmware | ||
| Qualcomm WCN685X-5 Firmware | ||
| Qualcomm WCN685X-1 | ||
| Qualcomm WCN685X | ||
| Qualcomm WCN785X Firmware | ||
| Qualcomm WCN785X Firmware | ||
| Qualcomm WCN785X Firmware | ||
| qualcomm wcn785x-5 firmware | ||
| Qualcomm SM8450 | ||
| Qualcomm SM8450 Firmware | ||
| Qualcomm WCD9380 | ||
| Qualcomm WCD9380 Firmware | ||
| Qualcomm WSA8830 | ||
| Qualcomm WSA8830 | ||
| Qualcomm WSA8835 | ||
| Qualcomm WSA8835 Firmware | ||
| All of | ||
| Qualcomm WCN685X-5 Firmware | ||
| Qualcomm WCN685X-5 Firmware | ||
| All of | ||
| Qualcomm WCN685X | ||
| Qualcomm WCN685X-1 | ||
| All of | ||
| Qualcomm WCN785X Firmware | ||
| Qualcomm WCN785X Firmware | ||
| All of | ||
| qualcomm wcn785x-5 firmware | ||
| Qualcomm WCN785X Firmware | ||
| All of | ||
| Qualcomm SM8450 Firmware | ||
| Qualcomm SM8450 | ||
| All of | ||
| Qualcomm WCD9380 Firmware | ||
| Qualcomm WCD9380 | ||
| All of | ||
| Qualcomm WSA8830 | ||
| Qualcomm WSA8830 | ||
| All of | ||
| Qualcomm WSA8835 Firmware | ||
| Qualcomm WSA8835 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-33281?
CVE-2022-33281 is a vulnerability that allows memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.
Which software is affected by CVE-2022-33281?
The Qualcomm Wcn685x-5 Firmware, Qualcomm Wcn685x-1 Firmware, Qualcomm Wcn785x-1 Firmware, Qualcomm Wcn785x-5 Firmware, Qualcomm Sm8450 Firmware, Google Android (Wcd9380), Google Android (Wsa8830), and Google Android (Wsa8835) are affected by CVE-2022-33281.
What is the severity of CVE-2022-33281?
The severity of CVE-2022-33281 is high with a CVSS score of 7.8.
How can I fix CVE-2022-33281?
To fix CVE-2022-33281, it is recommended to apply the latest security updates provided by Qualcomm. Please refer to the official Qualcomm Bulletin for more information.
What is CWE-129?
CWE-129 refers to the vulnerability known as 'Improper Validation of Array Index' where improper validation of array indexes used for accessing memory can lead to memory corruption and other security issues.
- collector/nvd-latest
- agent/type
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/title
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/qualcomm
- canonical/qualcomm wcn685x-5 firmware
- canonical/qualcomm wcn685x-1
- canonical/qualcomm wcn685x
- canonical/qualcomm wcn785x firmware
- canonical/qualcomm wcn785x-5 firmware
- canonical/qualcomm sm8450
- canonical/qualcomm sm8450 firmware
- canonical/qualcomm wcd9380
- canonical/qualcomm wcd9380 firmware
- canonical/qualcomm wsa8830
- canonical/qualcomm wsa8835
- canonical/qualcomm wsa8835 firmware