October 2022 Security Bulletin
Updated On: 01/05/2023
This security bulletin is intended to help Qualcomm Technologies, Inc. (QTI) customers incorporate security updates in launched or upcoming devices. This document includes (i) a description of security issues that have been addressed in QTI’s proprietary code and (ii) links to publicly available code where security issues have been addressed.
Please reach out to securitybulletin@qti.qualcomm.com for any questions related to this bulletin.
Announcements
None
Acknowledgements
We would like to thank these researchers for their contributions in reporting these issues to us.
CVE-2022-25660,CVE-2022-25661,CVE-2022-25665 | Pengfei Ding(丁鹏飞) |
CVE-2022-33214 | lovepink |
CVE-2022-33217 | chen gengjia |
CVE-2022-22078 | Gengjia Chen ( @chengjia4574 ) from IceSword Lab |
CVE-2022-25662 | Le Wu of Baidu Security |
CVE-2022-25663 | Gengjia Chen ( @chengjia4574 ) from IceSword Lab |
CVE-2022-25664 | Man Yue Mo of GitHub Security Lab |
CVE-2022-25666 | Seonung Jang(@IFdLRx4At1WFm74) |
Proprietary Software Issues
The tables below summarize security vulnerabilities that were addressed through proprietary software.
This table lists high impact security vulnerabilities. Patches have been released for affected products. OEMs have been notified and strongly recommended to release patches on end devices.
Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
---|---|---|---|---|
CVE-2022-25718 | Critical | Critical | Network Service | Internal |
CVE-2022-25748 | Critical | Critical | WLAN Firmware | Internal |
CVE-2022-25660 | High | High | KERNEL | 12/01/2021 |
CVE-2022-25661 | High | High | KERNEL | 12/07/2021 |
CVE-2022-25687 | High | High | Video | Internal |
CVE-2022-25719 | High | High | Network Service | Internal |
CVE-2022-25736 | High | High | WLAN Firmware | Internal |
CVE-2022-25749 | High | High | WLAN Firmware | Internal |
CVE-2022-33210 | High | High | Multimedia | Internal |
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
---|---|---|---|---|
CVE-2022-25662 | Medium | Medium | Video | 07/14/2021 |
CVE-2022-25663 | Medium | Medium | WLAN Windows Host | 07/20/2021 |
CVE-2022-25665 | Medium | Medium | KERNEL | 12/07/2021 |
CVE-2022-25718
CVE ID | CVE-2022-25718 |
Title | Cryptographic Issue in WLAN |
Description | Cryptographic issue in WLAN due to improper check on the return value during the authentication handshake |
Technology Area | Network Service |
Vulnerability Type | CWE-310 Cryptographic Issues |
Access Vector | Remote |
Security Rating | Critical |
CVSS Rating | Critical |
CVSS Score | 9.1 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8092, APQ8094, APQ8096AU, AR8031, CSRA6620, CSRA6640, CSRB31024, MDM8215, MDM9205, MDM9206, MDM9215, MDM9250, MDM9310, MDM9607, MDM9615, MDM9628, MDM9640, MDM9645, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8992, MSM8994, MSM8996AU, PM8937, QCA0000, QCA1023, QCA1990, QCA4004, QCA4010, QCA4020, QCA4024, QCA6174, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6554A, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA9367, QCA9369, QCA9377, QCA9379, QCC5100, QCS405, QET4101, QSW8573, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 455, SD 636, SD205, SD210, SD429, SD439, SD450, SD460, SD632, SD660, SD820, SD821, SD835, SD845, SDA429W, SDM429W, SDM630, SDW2500, SDX12, SDX20, SDX20M, SDX24, SDX55, SW5100, SW5100P, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3998, WCN3999, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25748
CVE ID | CVE-2022-25748 |
Title | Integer Overflow to Buffer Overflow in WLAN |
Description | Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. |
Technology Area | WLAN Firmware |
Vulnerability Type | CWE-680 Integer Overflow to Buffer Overflow |
Access Vector | Remote |
Security Rating | Critical |
CVSS Rating | Critical |
CVSS Score | 9.8 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8009, APQ8017, APQ8076, APQ8096AU, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, MDM8215, MDM9206, MDM9215, MDM9250, MDM9310, MDM9607, MDM9615, MDM9628, MDM9640, MDM9645, MDM9650, MSM8976, MSM8996AU, PMP8074, QAM8295P, QCA1023, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4020, QCA4024, QCA4531, QCA6174, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6554A, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9367, QCA9377, QCA9379, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9990, QCA9992, QCA9994, QCC5100, QCM2290, QCM4290, QCM6125, QCM6490, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QRB5165, QRB5165M, QRB5165N, QSM8250, QSM8350, SA4150P, SA4155P, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD460, SD480, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD821, SD835, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX12, SDX20, SDX20M, SDX24, 
SDX50M, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM4375, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SW5100, SW5100P, SXR2150P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25660
CVE ID | CVE-2022-25660 |
Title | Double Free in Kernel |
Description | Memory corruption due to double free issue in kernel |
Technology Area | KERNEL |
Vulnerability Type | CWE-415 Double Free |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 7.8 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Date Reported | 2021/12/01 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCS603, QCS605, QCS6490, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, SM7315, SM7325P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25661
CVE ID | CVE-2022-25661 |
Title | Untrusted Pointer Dereference in Kernel |
Description | Memory corruption due to untrusted pointer dereference in kernel |
Technology Area | KERNEL |
Vulnerability Type | CWE-822 Untrusted Pointer Dereference |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.4 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | 2021/12/07 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCN9011, QCN9012, QCS603, QCS605, QCS6490, QRB5165, QRB5165M, QRB5165N, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, SM7315, SM7325P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25687
CVE ID | CVE-2022-25687 |
Title | Buffer Copy Without Checking Size of Input in Video |
Description | Memory corruption in video due to buffer overflow while parsing ASF clips |
Technology Area | Video |
Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
Access Vector | Remote |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 7.3 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8009, APQ8009W, APQ8017, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8096AU, AQT1000, AR8031, CSRA6620, CSRA6640, FSM10056, MDM9150, MDM9206, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8996AU, QAM8295P, QCA4020, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA9367, QCA9377, QCA9379, QCC5100, QCM2290, QCM4290, QCM6125, QCM6490, QCN7606, QCS2290, QCS405, QCS410, QCS4290, QCS605, QCS610, QCS6125, QCS6490, Qualcomm215, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 636, SD 675, SD 8 Gen1 5G, SD205, SD210, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD820, SD821, SD835, SD845, SD855, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM4375, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SW5100, SW5100P, SXR2150P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25719
CVE ID | CVE-2022-25719 |
Title | Buffer Over-read in WLAN |
Description | Information disclosure in WLAN due to improper length check while processing authentication handshake |
Technology Area | Network Service |
Vulnerability Type | CWE-126 Buffer Over-read |
Access Vector | Remote |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.2 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8076, APQ8084, AR8031, CSR8811, CSRA6620, CSRA6640, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9205, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9330, MDM9625, MDM9625M, MDM9630, MDM9635M, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, PM8937, QCA1990, QCA4004, QCA4010, QCA4020, QCA4024, QCA6164, QCA6174, QCA6174A, QCA8075, QCA8081, QCA9377, QCA9379, QCA9888, QCA9889, QCN5022, QCN5024, QCN5052, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6122, QCN6132, QCN9000, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS405, QET4101, QSW8573, Qualcomm215, SD205, SD210, SD429, SD439, SD450, SD632, SDA429W, SDM429W, SDW2500, WCD9306, WCD9326, WCD9335, WCD9340, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3980, WCN3998, WCN3999, WSA8810, WSA8815 |
CVE-2022-25736
CVE ID | CVE-2022-25736 |
Title | Buffer Over-read in WLAN |
Description | Denial of service in WLAN due to an out-of-bounds read while processing a VHT action frame |
Technology Area | WLAN Firmware |
Vulnerability Type | CWE-126 Buffer Over-read |
Access Vector | Remote |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 7.5 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, MDM8215, MDM9215, MDM9310, MDM9607, MDM9615, MDM9628, PMP8074, QAM8295P, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4024, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6554A, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9377, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9990, QCA9992, QCA9994, QCC5100, QCM2290, QCM4290, QCM6125, QCM6490, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QRB5165, QRB5165M, QRB5165N, QSM8250, QSM8350, SA4150P, SA4155P, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD460, SD480, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD835, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX50M, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM4375, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SW5100, SW5100P, SXR2150P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, 
WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25749
CVE ID | CVE-2022-25749 |
Title | Buffer Over-read in WLAN |
Description | Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. |
Technology Area | WLAN Firmware |
Vulnerability Type | CWE-126 Buffer Over-read |
Access Vector | Remote |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 7.5 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8009, APQ8017, APQ8064AU, APQ8076, APQ8096AU, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, MDM8215, MDM9206, MDM9215, MDM9250, MDM9310, MDM9607, MDM9615, MDM9628, MDM9640, MDM9645, MDM9650, MSM8976, MSM8996AU, PMP8074, QAM8295P, QCA0000, QCA1023, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4020, QCA4024, QCA4531, QCA6174, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6554A, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6696, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9367, QCA9369, QCA9377, QCA9379, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9990, QCA9992, QCA9994, QCC5100, QCM2290, QCM4290, QCM6125, QCM6490, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QRB5165, QRB5165M, QRB5165N, QSM8250, QSM8350, SA4150P, SA4155P, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD460, SD480, SD660, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD835, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, 
SDX12, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM4375, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SW5100, SW5100P, SXR2150P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-33210
CVE ID | CVE-2022-33210 |
Title | Use of Out-of-range Pointer Offset in Automotive Multimedia |
Description | Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. |
Technology Area | Multimedia |
Vulnerability Type | CWE-823 Use of Out-of-range Pointer Offset |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.4 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8064AU, APQ8096AU, MSM8996AU, QAM8295P, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6696, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SA8540P, SA9000P |
CVE-2022-25662
CVE ID | CVE-2022-25662 |
Title | Untrusted Pointer Dereference in Video |
Description | Information disclosure due to untrusted pointer dereference in kernel |
Technology Area | Video |
Vulnerability Type | CWE-822 Untrusted Pointer Dereference |
Access Vector | Remote |
Security Rating | Medium |
CVSS Rating | Medium |
CVSS Score | 5.3 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Date Reported | 2021/07/14 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | APQ8096AU, MSM8996AU, QAM8295P, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCC5100, QCS410, QCS610, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SD 8 Gen1 5G, SD429, SD710, SD778G, SD780G, SD835, SD845, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDX55M, SDXR1, SDXR2 5G, SM7315, SM7325P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25663
CVE ID | CVE-2022-25663 |
Title | Buffer Over-read in WLAN |
Description | Possible buffer overflow due to lack of buffer length check during management frame Rx handling, leading to denial of service |
Technology Area | WLAN Windows Host |
Vulnerability Type | CWE-126 Buffer Over-read |
Access Vector | Local |
Security Rating | Medium |
CVSS Rating | Medium |
CVSS Score | 5.5 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Date Reported | 2021/07/20 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | AQT1000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA6390, QCA6391, QCA6420, QCA6430, SD 8cx Gen2, SD 8cx Gen3, SD778G, SD7c, SD850, SM6250, WCD9340, WCD9341, WCD9380, WCD9385, WCN3990, WCN3991, WCN3998, WCN6750, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2022-25665
CVE ID | CVE-2022-25665 |
Title | Buffer Over-read in Kernel |
Description | Information disclosure due to buffer over read in kernel |
Technology Area | KERNEL |
Vulnerability Type | CWE-126 Buffer Over-read |
Access Vector | Local |
Security Rating | Medium |
CVSS Rating | Medium |
CVSS Score | 6.8 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L |
Date Reported | 2021/12/07 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | AQT1000, AR8035, QAM8295P, QCA6174A, QCA6310, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCS603, QCS605, QSM8350, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8295P, SA8540P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD 8cx Gen3, SD670, SD675, SD678, SD765, SD765G, SD768G, SD845, SD850, SD855, SD865 5G, SD870, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX57M, SDX65, SDXR2 5G, SM7250P, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
*The list of affected chipsets may not be complete. For latest information, device OEMs can contact QTI directly at www.qualcomm.com/support.
Open Source Software Issues
The tables below summarize security vulnerabilities that were addressed through open source software.
This table lists high impact security vulnerabilities. Patches have been released for affected products. OEMs have been notified and strongly recommended to release patches on end devices.
Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
---|---|---|---|---|
CVE-2022-25720 | Critical | Critical | WLAN HOST | Internal |
CVE-2022-22077 | High | High | Graphics | Internal |
CVE-2022-25723 | High | High | Multimedia Frameworks | Internal |
CVE-2022-25750 | High | High | Bluetooth HOST | Internal |
CVE-2022-33214 | High | High | Display | 03/02/2022 |
CVE-2022-33217 | High | High | Qualcomm IPC | 04/25/2022 |
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
---|---|---|---|---|
CVE-2022-22078 | Medium | Medium | Boot | 09/09/2020 |
CVE-2022-25664 | Medium | Medium | Graphics | 12/05/2021 |
CVE-2022-25666 | Medium | Medium | DSP Service | 12/14/2021 |
CVE-2022-25720
CVE ID | CVE-2022-25720 |
Title | Improper Validation of Array Index in WLAN |
Description | Memory corruption in WLAN due to out of bound array access during connect/roaming |
Technology Area | WLAN HOST |
Vulnerability Type | CWE-129 Improper Validation of Array Index |
Access Vector | Remote |
Security Rating | Critical |
CVSS Rating | Critical |
CVSS Score | 9.8 |
CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | APQ8009, APQ8009W, APQ8017, APQ8052, APQ8053, APQ8056, APQ8064AU, APQ8076, APQ8096AU, AQT1000, AR6003, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, MDM8215, MDM8215M, MDM8615M, MDM9150, MDM9206, MDM9215, MDM9230, MDM9250, MDM9310, MDM9330, MDM9607, MDM9615, MDM9615M, MDM9628, MDM9630, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8996AU, QAM8295P, QCA4020, QCA6174, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCC5100, QCM6125, QCN6024, QCN7605, QCN7606, QCN9024, QCS405, QCS410, QCS605, QCS610, QCS6125, QCX315, QET4101, QRB5165, QRB5165M, QRB5165N, QSW8573, Qualcomm215, SA4150P, SA4155P, SA415M, SA515M, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 675, SD 8 Gen1 5G, SD205, SD210, SD429, SD439, SD450, SD460, SD632, SD660, SD662, SD670, SD675, SD678, SD710, SD730, SD820, SD821, SD835, SD845, SD855, SD865 5G, SD870, SDA429W, SDM429W, SDW2500, SDX12, SDX20, SDX20M, SDX24, SDX50M, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SW5100, SW5100P, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3998, WCN3999, WCN6740, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
Patch** |
CVE-2022-22077
CVE ID | CVE-2022-22077 |
Title | Use-After-Free in Graphics |
Description | Memory corruption in graphics due to use-after-free in graphics dispatcher logic |
Technology Area | Graphics |
Vulnerability Type | CWE-416 Use After Free |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.4 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835 |
Patch** |
CVE-2022-25723
CVE ID | CVE-2022-25723 |
Title | Use-After-Free in Multimedia Frameworks |
Description | Memory corruption in multimedia due to use after free during callback registration failure |
Technology Area | Multimedia Frameworks |
Vulnerability Type | CWE-416 Use After Free |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.4 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835 |
Patch** |
CVE-2022-25750
CVE ID | CVE-2022-25750 |
Title | Double Free in BTHOST |
Description | Memory corruption in BTHOST due to double free during music playback and calls over a Bluetooth headset |
Technology Area | Bluetooth HOST |
Vulnerability Type | CWE-415 Double Free |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.4 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | Internal |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | Kailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H |
Patch** |
CVE-2022-33214
CVE ID | CVE-2022-33214 |
Title | Time-of-check time-of-use race condition in Display |
Description | Memory corruption in display due to time-of-check time-of-use of metadata reserved size |
Technology Area | Display |
Vulnerability Type | CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 8.4 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Date Reported | 2022/03/02 |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | AQT1000, QAM8295P, QCA6390, QCA6391, QCA6420, QCA6430, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCC5100, QCM2290, QCM4290, QCM6125, QCM6490, QCN7606, QCS2290, QCS410, QCS4290, QCS610, QCS6125, QCS6490, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 675, SD 8 Gen1 5G, SD439, SD460, SD480, SD660, SD662, SD675, SD678, SD680, SD690 5G, SD695, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDX50M, SDX55, SDX55M, SM4125, SM4375, SM6250, SM7250P, SM7315, SM7325P, SW5100, SW5100P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
Patch** |
CVE-2022-33217
CVE ID | CVE-2022-33217 |
Title | Buffer copy without checking size of input in Qualcomm IPC |
Description | Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. |
Technology Area | Qualcomm IPC |
Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
Access Vector | Local |
Security Rating | High |
CVSS Rating | High |
CVSS Score | 7.8 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Date Reported | 2022/04/25 |
Customer Notified Date | 2022/07/04 |
Affected Chipsets* | SD 8 Gen1 5G, WCD9380, WCN6855, WCN6856, WCN7850, WCN7851, WSA8830, WSA8835 |
Patch** | CodeLinaro link unavailable |
CVE-2022-22078
CVE ID | CVE-2022-22078 |
Title | Integer Overflow or Wraparound issues in BOOT |
Description | Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated |
Technology Area | Boot |
Vulnerability Type | CWE-190 Integer Overflow or Wraparound |
Access Vector | Local |
Security Rating | Medium |
CVSS Rating | Medium |
CVSS Score | 4.6 |
CVSS String | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Date Reported | 2020/09/09 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | AQT1000, AR8035, CSRB31024, FSM10056, MDM9150, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8337, QCA9377, QCS603, QCS605, QCS8155, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD835, SD845, SD855, SD865 5G, SD870, SDX24, SDX55, SDX55M, SDXR2 5G, SW5100, SW5100P, WCD9335, WCD9340, WCD9341, WCD9360, WCD9380, WCD9385, WCN3980, WCN3988, WCN3990, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835 |
Patch** |
CVE-2022-25664
CVE ID | CVE-2022-25664 |
Title | Information Exposure in Graphics Linux |
Description | Information disclosure due to exposure of information while GPU reads the data |
Technology Area | Graphics |
Vulnerability Type | CWE-200 Information Exposure |
Access Vector | Local |
Security Rating | Medium |
CVSS Rating | Medium |
CVSS Score | 6.2 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Date Reported | 2021/12/05 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | APQ8009, APQ8052, APQ8053, APQ8056, APQ8076, APQ8096AU, AQT1000, MDM9150, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8996AU, QAM8295P, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8337, QCC5100, QCM6125, QCS410, QCS605, QCS610, QCS6125, QCS8155, QSM8250, Qualcomm215, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 8 Gen1 5G, SD205, SD210, SD429, SD660, SD820, SD821, SD835, SD845, SD855, SD865 5G, SD870, SD888 5G, SDA429W, SDM429W, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3998, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
Patch** |
CVE-2022-25666
CVE ID | CVE-2022-25666 |
Title | Use After Free in DSP Services |
Description | Memory corruption due to use after free in service while trying to access maps by different threads |
Technology Area | DSP Service |
Vulnerability Type | CWE-416 Use After Free |
Access Vector | Local |
Security Rating | Medium |
CVSS Rating | Medium |
CVSS Score | 6.7 |
CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Date Reported | 2021/12/14 |
Customer Notified Date | 2022/04/04 |
Affected Chipsets* | APQ8096AU, AQT1000, AR9380, CSR8811, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9150, MDM9650, MSM8996AU, PMP8074, QAM8295P, QCA4024, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA7500, QCA8072, QCA8075, QCA8081, QCA8337, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9990, QCA9992, QCA9994, QCC5100, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6122, QCN6132, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS410, QCS610, QCS8155, QSM8250, Qualcomm215, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 8 Gen1 5G, SD205, SD210, SD429, SD835, SD845, SD855, SD865 5G, SD870, SD888 5G, SDA429W, SDM429W, SDX55, SDX55M, SDXR2 5G, SW5100, SW5100P, WCD9335, WCD9340, WCD9341, WCD9370, WCD9380, WCD9385, WCN3610, WCN3620, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3998, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8835 |
Patch** |
* The list of affected chipsets may not be complete. For the latest information, device OEMs can contact QTI directly at www.qualcomm.com/support.
** Data is generated only at the time of bulletin creation.
Industry Coordination
Security ratings of issues included in Android security bulletins and these bulletins match in the most common scenarios but may differ in some cases due to one of the following reasons:
- Consideration of security protections such as SELinux not enforced on some platforms
- Differences in assessment of some specific scenarios that involve local denial of service or privilege escalation vulnerabilities in the high level OS kernel
All Qualcomm products mentioned herein are products of Qualcomm Technologies, Inc. and/or its subsidiaries.
Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other product and brand names may be trademarks or registered trademarks of their respective owners.
This technical data may be subject to U.S. and international export, re-export, or transfer (“export”) laws. Diversion contrary to U.S. and international law is strictly prohibited.
Qualcomm Technologies, Inc.
San Diego, CA 92121
U.S.A.
© 2022 Qualcomm Technologies, Inc. and/or its subsidiaries. All rights reserved.