cvelist/2022/22xxx/CVE-2022-22072.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com", 
      "ID": "CVE-2022-22072", 
      "STATE": "PUBLIC"
   }, 
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music", 
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8009, APQ8017, APQ8053, APQ8096AU, AR8031, CSRA6620, CSRA6640, MDM9150, MDM9206, MDM9250, MDM9607, MDM9626, MDM9628, MDM9650, MSM8937, PM8937, QCA4020, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA9367, QCA9377, QCA9379, QCS405, QCS603, QCS605, SA515M, SD670, SD710, SD820, SD835, SD845, SDX12, SDX20, SDX24, SDXR1, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3980, WCN3990, WCN3998, WCN3999, WSA8810, WSA8815"
                              }
                           ]
                        }
                     }
                  ]
               }, 
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   }, 
   "data_format": "MITRE", 
   "data_type": "CVE", 
   "data_version": "4.0", 
   "description": {
      "description_data": [
         {
            "lang": "eng", 
            "value": "Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music"
         }
      ]
   }, 
   "impact": {
      "cvss": {
         "baseScore": 7.8, 
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 
         "version": "3.1"
      }
   }, 
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng", 
                  "value": "Buffer Copy Without Checking Size of Input in WLAN"
               }
            ]
         }
      ]
   }, 
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin", 
            "refsource": "CONFIRM", 
            "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
         }
      ]
   }
}