Qualcomm_9-26-2022

2025-05-08 19:46:39 +00:00 · 2022-09-26 22:00:18 +05:30 · 2022-09-26 22:00:18 +05:30 · 0f45fb9eda
commit 0f45fb9eda
parent 4cb21c30d6
1 changed files with 65 additions and 14 deletions
--- a/2022/22xxx/CVE-2022-22058.json
+++ b/2022/22xxx/CVE-2022-22058.json
@ -1,17 +1,68 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
   "CVE_data_meta": {
+      "ASSIGNER": "product-security@qualcomm.com", 
      "ID": "CVE-2022-22058", 
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+      "STATE": "PUBLIC"
   }, 
-    "description": {
-        "description_data": [
+   "affects": {
+      "vendor": {
+         "vendor_data": [
            {
-                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+               "product": {
+                  "product_data": [
+                     {
+                        "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables", 
+                        "version": {
+                           "version_data": [
+                              {
+                                 "version_value": "APQ8009, APQ8009W, APQ8017, APQ8053, APQ8096AU, AQT1000, CSRB31024, MDM9150, MDM9206, MDM9250, MDM9607, MDM9626, MDM9628, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8937, MSM8953, MSM8996AU, PM8937, QCA4020, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6420, QCA6430, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6595AU, QCA6696, QCA9367, QCA9377, QCA9379, QCN7605, QCN7606, QCS603, QCS605, Qualcomm215, SA415M, SD429, SD439, SD450, SD632, SD660, SD670, SD710, SD820, SD835, SD845, SD855, SDM429W, SDW2500, SDX20, SDX24, SDXR1, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3980, WCN3990, WCN3998, WSA8810, WSA8815"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               }, 
+               "vendor_name": "Qualcomm, Inc."
+            }
+         ]
+      }
+   }, 
+   "data_format": "MITRE", 
+   "data_type": "CVE", 
+   "data_version": "4.0", 
+   "description": {
+      "description_data": [
+         {
+            "lang": "eng", 
+            "value": "Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables"
+         }
+      ]
+   }, 
+   "impact": {
+      "cvss": {
+         "baseScore": 8.4, 
+         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", 
+         "version": "3.1"
+      }
+   }, 
+   "problemtype": {
+      "problemtype_data": [
+         {
+            "description": [
+               {
+                  "lang": "eng", 
+                  "value": "Possible Use-After-Free in Kernel"
+               }
+            ]
+         }
+      ]
+   }, 
+   "references": {
+      "reference_data": [
+         {
+            "name": "https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin", 
+            "refsource": "CONFIRM", 
+            "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin"
         }
      ]
   }