#VU71963 Access of Uninitialized Pointer in Qualcomm products - CVE-2022-33280

Vulnerability identifier: #VU71963

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-33280

CWE-ID: CWE-824

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
APQ8096AU
MDM9150
MDM9650
QCA6174A
QCA6574AU
QCA9377
QCS405
QCS605
SA6155P
SD835
SDM429W
SDX20
SDX24
SDX55
AR8031
AR8035
CSRA6620
CSRA6640
MDM9250
MDM9628
QCA6391
QCA6564A
QCA6564AU
QCA6574A
QCA6584AU
QCA6595AU
QCA8081
QCA8337
QCN6024
QCN9011
QCN9012
QCN9024
QCN9074
QCS410
QCS610
QRB5165
QRB5165M
QRB5165N
SA8155P
SA8195P
SD429
SD626
SDX20M
SDX65
WCD9326
WCD9335
WCD9341
WCD9370
WCD9380
WCD9385
WCN3620
WCN3660B
WCN3680B
WCN3950
WCN3980
WCN3988
WCN3990
WCN3998
WCN6855
WCN6856
WSA8810
WSA8815

Software vendor:
Qualcomm

The vulnerability allows an attacker to read and manipulate data.

The vulnerability exists due to improper input validation in the Bluetooth HOST. An attacker with physical proximity to the device can trigger memory corruption by sending a specially crafted AVRCP packet and read or manipulate data.

Install security update from vendor's website.

• https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2023-bulletin.html
• https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth/-/commit/3b74f1cbe3e849adf717dc2ad1a58c84b91b729b
• https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/system/bt/-/commit/3e99045af6ded3e3e2d8653050c90d1bc4d2c028
• https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth_ext/-/commit/3c858f5650918e88cebb104980f108f41a90aee8