Vulnerabilities > CVE-2022-25715 - Incorrect Type Conversion or Cast vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-704

NVD

Published: 2023-01-09

Updated: 2023-01-13

Summary

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Aqt1000 Firmware - Qualcomm Mdm9150 Firmware - Qualcomm Qca6391 Firmware - Qualcomm Qca6420 Firmware - Qualcomm Qca6430 Firmware - Qualcomm Qca8337 Firmware - Qualcomm Qcn9074 Firmware - Qualcomm Qcs410 Firmware - Qualcomm Qcs610 Firmware - Qualcomm Qcs8155 Firmware - Qualcomm Qualcomm215 Firmware - Qualcomm Sa515M Firmware - Qualcomm Sa8155P Firmware - Qualcomm Sd205 Firmware - Qualcomm Sd210 Firmware - Qualcomm Sd429 Firmware - Qualcomm Sd855 Firmware - Qualcomm Sda429W Firmware - Qualcomm Sdm429W Firmware - Qualcomm Sdx55 Firmware - Qualcomm Wcd9340 Firmware - Qualcomm Wcd9341 Firmware - Qualcomm Wcd9370 Firmware - Qualcomm Wcn3610 Firmware - Qualcomm Wcn3620 Firmware - Qualcomm Wcn3660B Firmware - Qualcomm Wcn3680B Firmware - Qualcomm Wcn3950 Firmware - Qualcomm Wcn3980 Firmware - Qualcomm Wcn3998 Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware -	32
Hardware	Qualcomm Qualcomm Aqt1000 - Qualcomm Mdm9150 - Qualcomm Qca6391 - Qualcomm Qca6420 - Qualcomm Qca6430 - Qualcomm Qca8337 - Qualcomm Qcn9074 - Qualcomm Qcs410 - Qualcomm Qcs610 - Qualcomm Qcs8155 - Qualcomm Qualcomm215 - Qualcomm Sa515M - Qualcomm Sa8155P - Qualcomm Sd205 - Qualcomm Sd210 - Qualcomm Sd429 - Qualcomm Sd855 - Qualcomm Sda429W - Qualcomm Sdm429W - Qualcomm Sdx55 - Qualcomm Wcd9340 - Qualcomm Wcd9341 - Qualcomm Wcd9370 - Qualcomm Wcn3610 - Qualcomm Wcn3620 - Qualcomm Wcn3660B - Qualcomm Wcn3680B - Qualcomm Wcn3950 - Qualcomm Wcn3980 - Qualcomm Wcn3998 - Qualcomm Wsa8810 - Qualcomm Wsa8815 -	32

Common Weakness Enumeration (CWE)

CWE-704 - Incorrect Type Conversion or Cast

References

https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin