{ "id": "CVE-2022-33297", "sourceIdentifier": "product-security@qualcomm.com", "published": "2023-04-13T07:15:18.913", "lastModified": "2023-04-24T16:11:31.613", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Information disclosure due to buffer overread in Linux sensors" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, "impactScore": 3.6 }, { "source": "product-security@qualcomm.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.5, "impactScore": 4.2 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-125" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_platform_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FC405AC-8196-490F-B6B9-8067BB8B0C8A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "B639DD76-26BC-4A9B-8E09-D71ACF35A284" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" } ] } ] } ], "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin", "source": "product-security@qualcomm.com", "tags": [ "Vendor Advisory" ] } ] }