Vulnerabilities > CVE-2022-33304 - NULL Pointer Dereference vulnerability in Qualcomm products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

qualcomm

CWE-476

NVD

Published: 2023-05-02

Updated: 2024-04-12

Summary

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm 9205 LTE Modem Firmware - Qualcomm 9206 LTE Modem Firmware - Qualcomm 9207 LTE Modem Firmware - Qualcomm Ar8031 Firmware - Qualcomm Csra6620 Firmware - Qualcomm Csra6640 Firmware - Qualcomm Wcn685X 5 Firmware - Qualcomm Wcn685X 1 Firmware - Qualcomm Wcn785X 1 Firmware - Qualcomm Wcn785X 5 Firmware - Qualcomm QCA 4020 0 217Msp Firmware - Qualcomm QCA 4020 1 217Msp Firmware - Qualcomm QCA 4024 0 68Cmqfn Firmware - Qualcomm QCA 4024 1 68Cmqfn Firmware - Qualcomm Mdm8207 Firmware - Qualcomm Qca4004 Firmware - Qualcomm Qca4024 Firmware - Qualcomm Qts110 Firmware - Qualcomm Qcs400 Firmware - Qualcomm Snapdragon 1100 Wearable Platform Firmware - Qualcomm Snapdragon 1200 Wearable Platform Firmware - Qualcomm Snapdragon AR2 GEN 1 Platform Firmware - Qualcomm Snapdragon Wear 1300 Platform Firmware - Qualcomm Snapdragon X5 LTE Modem Firmware - Qualcomm Ssg2115P Firmware - Qualcomm Ssg2125P Firmware - Qualcomm Sxr1230P Firmware - Qualcomm Sxr2230P Firmware - Qualcomm Wcd9306 Firmware - Qualcomm Wcd9330 Firmware - Qualcomm Wcd9335 Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wcn3980 Firmware - Qualcomm Wcn3999 Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware - Qualcomm Wsa8830 Firmware - Qualcomm Wsa8832 Firmware - Qualcomm Wsa8835 Firmware -	40
Hardware	Qualcomm Qualcomm 9205 LTE Modem - Qualcomm 9206 LTE Modem - Qualcomm 9207 LTE Modem - Qualcomm Ar8031 - Qualcomm Csra6620 - Qualcomm Csra6640 - Qualcomm Wcn685X 5 - Qualcomm Wcn685X 1 - Qualcomm Wcn785X 1 - Qualcomm Wcn785X 5 - Qualcomm QCA 4020 0 217Msp - Qualcomm QCA 4020 1 217Msp - Qualcomm QCA 4024 0 68Cmqfn - Qualcomm QCA 4024 1 68Cmqfn - Qualcomm Mdm8207 - Qualcomm Qca4004 - Qualcomm Qca4024 - Qualcomm Qts110 - Qualcomm Qcs400 - Qualcomm Snapdragon 1100 Wearable Platform - Qualcomm Snapdragon 1200 Wearable Platform - Qualcomm Snapdragon AR2 GEN 1 Platform - Qualcomm Snapdragon Wear 1300 Platform - Qualcomm Snapdragon X5 LTE Modem - Qualcomm Ssg2115P - Qualcomm Ssg2125P - Qualcomm Sxr1230P - Qualcomm Sxr2230P - Qualcomm Wcd9306 - Qualcomm Wcd9330 - Qualcomm Wcd9335 - Qualcomm Wcd9380 - Qualcomm Wcd9385 - Qualcomm Wcn3980 - Qualcomm Wcn3999 - Qualcomm Wsa8810 - Qualcomm Wsa8815 - Qualcomm Wsa8830 - Qualcomm Wsa8832 - Qualcomm Wsa8835 -	40

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin