Vulnerabilities > CVE-2022-33280 - Access of Uninitialized Pointer vulnerability in Qualcomm products

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

qualcomm

CWE-824

NVD

Published: 2023-02-12

Updated: 2024-04-12

Summary

Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Apq8096Au Firmware - Qualcomm Ar8031 Firmware - Qualcomm Ar8035 Firmware - Qualcomm Csra6620 Firmware - Qualcomm Csra6640 Firmware - Qualcomm Mdm9150 Firmware - Qualcomm Mdm9250 Firmware - Qualcomm Mdm9628 Firmware - Qualcomm Mdm9650 Firmware - Qualcomm Qca6174A Firmware - Qualcomm Qca6391 Firmware - Qualcomm Qca6564A Firmware - Qualcomm Qca6564Au Firmware - Qualcomm Qca6574A Firmware - Qualcomm Qca6574Au Firmware - Qualcomm Qca6584Au Firmware - Qualcomm Qca6595Au Firmware - Qualcomm Qca8081 Firmware - Qualcomm Qca8337 Firmware - Qualcomm Qca9377 Firmware - Qualcomm Qcn6024 Firmware - Qualcomm Qcn9011 Firmware - Qualcomm Qcn9012 Firmware - Qualcomm Qcn9024 Firmware - Qualcomm Qcn9074 Firmware - Qualcomm Qcs405 Firmware - Qualcomm Qcs410 Firmware - Qualcomm Qcs605 Firmware - Qualcomm Qcs610 Firmware - Qualcomm Qrb5165 Firmware - Qualcomm Qrb5165M Firmware - Qualcomm Qrb5165N Firmware - Qualcomm Sa6155P Firmware - Qualcomm Sa8155P Firmware - Qualcomm Sa8195P Firmware - Qualcomm Sd429 Firmware - Qualcomm Sd626 Firmware - Qualcomm Sd835 Firmware - Qualcomm Sdm429W Firmware - Qualcomm Sdx20 Firmware - Qualcomm Sdx20M Firmware - Qualcomm Sdx24 Firmware - Qualcomm Sdx55 Firmware - Qualcomm Sdx65 Firmware - Qualcomm Wcd9326 Firmware - Qualcomm Wcd9335 Firmware - Qualcomm Wcd9341 Firmware - Qualcomm Wcd9370 Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wcn3620 Firmware - Qualcomm Wcn3660B Firmware - Qualcomm Wcn3680B Firmware - Qualcomm Wcn3950 Firmware - Qualcomm Wcn3980 Firmware - Qualcomm Wcn3988 Firmware - Qualcomm Wcn3990 Firmware - Qualcomm Wcn3998 Firmware - Qualcomm Wcn6855 Firmware - Qualcomm Wcn6856 Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware -	62
Hardware	Qualcomm Qualcomm Apq8096Au - Qualcomm Ar8031 - Qualcomm Ar8035 - Qualcomm Csra6620 - Qualcomm Csra6640 - Qualcomm Mdm9150 - Qualcomm Mdm9250 - Qualcomm Mdm9628 - Qualcomm Mdm9650 - Qualcomm Qca6174A - Qualcomm Qca6391 - Qualcomm Qca6564A - Qualcomm Qca6564Au - Qualcomm Qca6574A - Qualcomm Qca6574Au - Qualcomm Qca6584Au - Qualcomm Qca6595Au - Qualcomm Qca8081 - Qualcomm Qca8337 - Qualcomm Qca9377 - Qualcomm Qcn6024 - Qualcomm Qcn9011 - Qualcomm Qcn9012 - Qualcomm Qcn9024 - Qualcomm Qcn9074 - Qualcomm Qcs405 - Qualcomm Qcs410 - Qualcomm Qcs605 - Qualcomm Qcs610 - Qualcomm Qrb5165 - Qualcomm Qrb5165M - Qualcomm Qrb5165N - Qualcomm Sa6155P - Qualcomm Sa8155P - Qualcomm Sa8195P - Qualcomm Sd429 - Qualcomm Sd626 - Qualcomm Sd835 - Qualcomm Sdm429W - Qualcomm Sdx20 - Qualcomm Sdx20M - Qualcomm Sdx24 - Qualcomm Sdx55 - Qualcomm Sdx65 - Qualcomm Wcd9326 - Qualcomm Wcd9335 - Qualcomm Wcd9341 - Qualcomm Wcd9370 - Qualcomm Wcd9380 - Qualcomm Wcd9385 - Qualcomm Wcn3620 - Qualcomm Wcn3660B - Qualcomm Wcn3680B - Qualcomm Wcn3950 - Qualcomm Wcn3980 - Qualcomm Wcn3988 - Qualcomm Wcn3990 - Qualcomm Wcn3998 - Qualcomm Wcn6855 - Qualcomm Wcn6856 - Qualcomm Wsa8810 - Qualcomm Wsa8815 -	62

Common Weakness Enumeration (CWE)

CWE-824 - Access of Uninitialized Pointer

References

https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin