Vulnerabilities > CVE-2022-33281 - Improper Validation of Array Index vulnerability in Qualcomm products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2023-05-02

Updated: 2024-04-12

Summary

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.

Part	Description	Count
OS	Qualcomm Qualcomm Wcn685X 5 Firmware - Qualcomm Wcn685X 1 Firmware - Qualcomm Wcn785X 1 Firmware - Qualcomm Wcn785X 5 Firmware - Qualcomm Sm8450 Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wsa8830 Firmware - Qualcomm Wsa8835 Firmware -	8
Hardware	Qualcomm Qualcomm Wcn685X 5 - Qualcomm Wcn685X 1 - Qualcomm Wcn785X 1 - Qualcomm Wcn785X 5 - Qualcomm Sm8450 - Qualcomm Wcd9380 - Qualcomm Wsa8830 - Qualcomm Wsa8835 -	8

Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.