#VU71015 Buffer over-read in Qualcomm Hardware solutions


Published: 2023-01-10

Vulnerability identifier: #VU71015

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-33253

CWE-ID: CWE-126

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
AQT1000
Mobile applications / Mobile firmware & hardware
AR8035
Mobile applications / Mobile firmware & hardware
AR9380
Mobile applications / Mobile firmware & hardware
CSR8811
Mobile applications / Mobile firmware & hardware
CSRB31024
Mobile applications / Mobile firmware & hardware
IPQ5010
Mobile applications / Mobile firmware & hardware
IPQ5018
Mobile applications / Mobile firmware & hardware
IPQ5028
Mobile applications / Mobile firmware & hardware
IPQ6000
Mobile applications / Mobile firmware & hardware
IPQ6010
Mobile applications / Mobile firmware & hardware
IPQ6018
Mobile applications / Mobile firmware & hardware
IPQ6028
Mobile applications / Mobile firmware & hardware
IPQ8065
Mobile applications / Mobile firmware & hardware
IPQ8068
Mobile applications / Mobile firmware & hardware
IPQ8070
Mobile applications / Mobile firmware & hardware
IPQ8070A
Mobile applications / Mobile firmware & hardware
IPQ8071A
Mobile applications / Mobile firmware & hardware
IPQ8072A
Mobile applications / Mobile firmware & hardware
IPQ8074A
Mobile applications / Mobile firmware & hardware
IPQ8076
Mobile applications / Mobile firmware & hardware
IPQ8076A
Mobile applications / Mobile firmware & hardware
IPQ8078
Mobile applications / Mobile firmware & hardware
IPQ8078A
Mobile applications / Mobile firmware & hardware
IPQ8173
Mobile applications / Mobile firmware & hardware
IPQ8174
Mobile applications / Mobile firmware & hardware
IPQ9008
Mobile applications / Mobile firmware & hardware
IPQ9574
Mobile applications / Mobile firmware & hardware
PMP8074
Mobile applications / Mobile firmware & hardware
QAM8295P
Mobile applications / Mobile firmware & hardware
QCA1062
Mobile applications / Mobile firmware & hardware
QCA1064
Mobile applications / Mobile firmware & hardware
QCA2062
Mobile applications / Mobile firmware & hardware
QCA2064
Mobile applications / Mobile firmware & hardware
QCA2065
Mobile applications / Mobile firmware & hardware
QCA2066
Mobile applications / Mobile firmware & hardware
QCA4024
Mobile applications / Mobile firmware & hardware
QCA6390
Mobile applications / Mobile firmware & hardware
QCA6391
Mobile applications / Mobile firmware & hardware
QCA6420
Mobile applications / Mobile firmware & hardware
QCA6421
Mobile applications / Mobile firmware & hardware
QCA6426
Mobile applications / Mobile firmware & hardware
QCA6430
Mobile applications / Mobile firmware & hardware
QCA6431
Mobile applications / Mobile firmware & hardware
QCA6436
Mobile applications / Mobile firmware & hardware
QCA6554A
Mobile applications / Mobile firmware & hardware
QCA6564AU
Mobile applications / Mobile firmware & hardware
QCA6574
Mobile applications / Mobile firmware & hardware
QCA6574A
Mobile applications / Mobile firmware & hardware
QCA6584AU
Mobile applications / Mobile firmware & hardware
QCA6595
Mobile applications / Mobile firmware & hardware
QCA6595AU
Mobile applications / Mobile firmware & hardware
QCA6696
Mobile applications / Mobile firmware & hardware
QCA8072
Mobile applications / Mobile firmware & hardware
QCA8075
Mobile applications / Mobile firmware & hardware
QCA8081
Mobile applications / Mobile firmware & hardware
QCA8082
Mobile applications / Mobile firmware & hardware
QCA8084
Mobile applications / Mobile firmware & hardware
QCA8085
Mobile applications / Mobile firmware & hardware
QCA8337
Mobile applications / Mobile firmware & hardware
QCA8386
Mobile applications / Mobile firmware & hardware
QCA9886
Mobile applications / Mobile firmware & hardware
QCA9888
Mobile applications / Mobile firmware & hardware
QCA9889
Mobile applications / Mobile firmware & hardware
QCA9984
Mobile applications / Mobile firmware & hardware
QCA9985
Mobile applications / Mobile firmware & hardware
QCA9986
Mobile applications / Mobile firmware & hardware
QCA9990
Mobile applications / Mobile firmware & hardware
QCA9992
Mobile applications / Mobile firmware & hardware
QCA9994
Mobile applications / Mobile firmware & hardware
QCM6490
Mobile applications / Mobile firmware & hardware
QCN5021
Mobile applications / Mobile firmware & hardware
QCN5022
Mobile applications / Mobile firmware & hardware
QCN5024
Mobile applications / Mobile firmware & hardware
QCN5052
Mobile applications / Mobile firmware & hardware
QCN5054
Mobile applications / Mobile firmware & hardware
QCN5122
Mobile applications / Mobile firmware & hardware
QCN5124
Mobile applications / Mobile firmware & hardware
QCN5152
Mobile applications / Mobile firmware & hardware
QCN5154
Mobile applications / Mobile firmware & hardware
QCN5164
Mobile applications / Mobile firmware & hardware
QCN6023
Mobile applications / Mobile firmware & hardware
QCN6024
Mobile applications / Mobile firmware & hardware
QCN6100
Mobile applications / Mobile firmware & hardware
QCN6102
Mobile applications / Mobile firmware & hardware
QCN6112
Mobile applications / Mobile firmware & hardware
QCN6122
Mobile applications / Mobile firmware & hardware
QCN9000
Mobile applications / Mobile firmware & hardware
QCN9001
Mobile applications / Mobile firmware & hardware
QCN9002
Mobile applications / Mobile firmware & hardware
QCN9003
Mobile applications / Mobile firmware & hardware
QCN9011
Mobile applications / Mobile firmware & hardware
QCN9012
Mobile applications / Mobile firmware & hardware
QCN9022
Mobile applications / Mobile firmware & hardware
QCN9024
Mobile applications / Mobile firmware & hardware
QCN9070
Mobile applications / Mobile firmware & hardware
QCN9072
Mobile applications / Mobile firmware & hardware
QCN9074
Mobile applications / Mobile firmware & hardware
QCN9100
Mobile applications / Mobile firmware & hardware
QCN9274
Mobile applications / Mobile firmware & hardware
QCS6490
Mobile applications / Mobile firmware & hardware
QCX315
Mobile applications / Mobile firmware & hardware
QRB5165
Mobile applications / Mobile firmware & hardware
QRB5165M
Mobile applications / Mobile firmware & hardware
QRB5165N
Mobile applications / Mobile firmware & hardware
QSM8250
Mobile applications / Mobile firmware & hardware
QSM8350
Mobile applications / Mobile firmware & hardware
SA4150P
Mobile applications / Mobile firmware & hardware
SA415M
Mobile applications / Mobile firmware & hardware
SA515M
Mobile applications / Mobile firmware & hardware
SA6145P
Mobile applications / Mobile firmware & hardware
SA6150P
Mobile applications / Mobile firmware & hardware
SA6155
Mobile applications / Mobile firmware & hardware
SA8145P
Mobile applications / Mobile firmware & hardware
SA8150P
Mobile applications / Mobile firmware & hardware
SA8155
Mobile applications / Mobile firmware & hardware
SA8155P
Mobile applications / Mobile firmware & hardware
SA8195P
Mobile applications / Mobile firmware & hardware
SA8295P
Mobile applications / Mobile firmware & hardware
SC8180X+SDX55
Mobile applications / Mobile firmware & hardware
SD 8 Gen1 5G
Mobile applications / Mobile firmware & hardware
SD 8cx Gen2
Mobile applications / Mobile firmware & hardware
SD 8cx Gen3
Mobile applications / Mobile firmware & hardware
SD778G
Mobile applications / Mobile firmware & hardware
SD780G
Mobile applications / Mobile firmware & hardware
SD865 5G
Mobile applications / Mobile firmware & hardware
SD870
Mobile applications / Mobile firmware & hardware
SD888 5G
Mobile applications / Mobile firmware & hardware
SDX55M
Mobile applications / Mobile firmware & hardware
SDX65
Mobile applications / Mobile firmware & hardware
SDXR2 5G
Mobile applications / Mobile firmware & hardware
SM7315
Mobile applications / Mobile firmware & hardware
SM7325P
Mobile applications / Mobile firmware & hardware
SXR2150P
Mobile applications / Mobile firmware & hardware
WCD9340
Mobile applications / Mobile firmware & hardware
WCD9341
Mobile applications / Mobile firmware & hardware
WCD9360
Mobile applications / Mobile firmware & hardware
WCD9370
Mobile applications / Mobile firmware & hardware
WCD9375
Mobile applications / Mobile firmware & hardware
WCD9380
Mobile applications / Mobile firmware & hardware
WCD9385
Mobile applications / Mobile firmware & hardware
WCN3980
Mobile applications / Mobile firmware & hardware
WCN3998
Mobile applications / Mobile firmware & hardware
WCN6740
Mobile applications / Mobile firmware & hardware
WCN6750
Mobile applications / Mobile firmware & hardware
WCN6850
Mobile applications / Mobile firmware & hardware
WCN6851
Mobile applications / Mobile firmware & hardware
WCN6855
Mobile applications / Mobile firmware & hardware
WCN6856
Mobile applications / Mobile firmware & hardware
WCN7850
Mobile applications / Mobile firmware & hardware
WCN7851
Mobile applications / Mobile firmware & hardware
WSA8810
Mobile applications / Mobile firmware & hardware
WSA8815
Mobile applications / Mobile firmware & hardware
WSA8830
Mobile applications / Mobile firmware & hardware
WSA8835
Mobile applications / Mobile firmware & hardware
IPQ8064
Hardware solutions / Firmware
QCA6574AU
Hardware solutions / Firmware
QCA9980
Hardware solutions / Firmware
QCN6132
Hardware solutions / Firmware
SA6155P
Hardware solutions / Firmware
SD888
Hardware solutions / Firmware
SDX55
Hardware solutions / Firmware

Vendor: Qualcomm

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in WLAN. A remote attacker can perform a denial of service (DoS) attack.

Mitigation
Install security update from vendor's website.

Vulnerable software versions

AQT1000: All versions

AR8035: All versions

AR9380: All versions

CSR8811: All versions

CSRB31024: All versions

IPQ5010: All versions

IPQ5018: All versions

IPQ5028: All versions

IPQ6000: All versions

IPQ6010: All versions

IPQ6018: All versions

IPQ6028: All versions

IPQ8064: All versions

IPQ8065: All versions

IPQ8068: All versions

IPQ8070: All versions

IPQ8070A: All versions

IPQ8071A: All versions

IPQ8072A: All versions

IPQ8074A: All versions

IPQ8076: All versions

IPQ8076A: All versions

IPQ8078: All versions

IPQ8078A: All versions

IPQ8173: All versions

IPQ8174: All versions

IPQ9008: All versions

IPQ9574: All versions

PMP8074: All versions

QAM8295P: All versions

QCA1062: All versions

QCA1064: All versions

QCA2062: All versions

QCA2064: All versions

QCA2065: All versions

QCA2066: All versions

QCA4024: All versions

QCA6390: All versions

QCA6391: All versions

QCA6420: All versions

QCA6421: All versions

QCA6426: All versions

QCA6430: All versions

QCA6431: All versions

QCA6436: All versions

QCA6554A: All versions

QCA6564AU: All versions

QCA6574: All versions

QCA6574A: All versions

QCA6574AU: All versions

QCA6584AU: All versions

QCA6595: All versions

QCA6595AU: All versions

QCA6696: All versions

QCA8072: All versions

QCA8075: All versions

QCA8081: All versions

QCA8082: All versions

QCA8084: All versions

QCA8085: All versions

QCA8337: All versions

QCA8386: All versions

QCA9886: All versions

QCA9888: All versions

QCA9889: All versions

QCA9980: All versions

QCA9984: All versions

QCA9985: All versions

QCA9986: All versions

QCA9990: All versions

QCA9992: All versions

QCA9994: All versions

QCM6490: All versions

QCN5021: All versions

QCN5022: All versions

QCN5024: All versions

QCN5052: All versions

QCN5054: All versions

QCN5122: All versions

QCN5124: All versions

QCN5152: All versions

QCN5154: All versions

QCN5164: All versions

QCN6023: All versions

QCN6024: All versions

QCN6100: All versions

QCN6102: All versions

QCN6112: All versions

QCN6122: All versions

QCN6132: All versions

QCN9000: All versions

QCN9001: All versions

QCN9002: All versions

QCN9003: All versions

QCN9011: All versions

QCN9012: All versions

QCN9022: All versions

QCN9024: All versions

QCN9070: All versions

QCN9072: All versions

QCN9074: All versions

QCN9100: All versions

QCN9274: All versions

QCS6490: All versions

QCX315: All versions

QRB5165: All versions

QRB5165M: All versions

QRB5165N: All versions

QSM8250: All versions

QSM8350: All versions

SA4150P: All versions

SA415M: All versions

SA515M: All versions

SA6145P: All versions

SA6150P: All versions

SA6155: All versions

SA6155P: All versions

SA8145P: All versions

SA8150P: All versions

SA8155: All versions

SA8155P: All versions

SA8195P: All versions

SA8295P: All versions

SC8180X+SDX55: All versions

SD 8 Gen1 5G: All versions

SD 8cx Gen2: All versions

SD 8cx Gen3: All versions

SD778G: All versions

SD780G: All versions

SD865 5G: All versions

SD870: All versions

SD888: All versions

SD888 5G: All versions

SDX55: All versions

SDX55M: All versions

SDX65: All versions

SDXR2 5G: All versions

SM7315: All versions

SM7325P: All versions

SXR2150P: All versions

WCD9340: All versions

WCD9341: All versions

WCD9360: All versions

WCD9370: All versions

WCD9375: All versions

WCD9380: All versions

WCD9385: All versions

WCN3980: All versions

WCN3998: All versions

WCN6740: All versions

WCN6750: All versions

WCN6850: All versions

WCN6851: All versions

WCN6855: All versions

WCN6856: All versions

WCN7850: All versions

WCN7851: All versions

WSA8810: All versions

WSA8815: All versions

WSA8830: All versions

WSA8835: All versions


External links
http://docs.qualcomm.com/product/publicresources/securitybulletin/january-2023-bulletin.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability