CVE-2022-25750 — Double Free in INC Snapdragon Mobile

CWE-415 — Double Free2 documents2 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 69.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qualcomm INC Snapdragon Mobile

Timeline

PublishedOct 19

Description

Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶CVEListV5qualcomm_inc/snapdragon_mobileKailua, SG8275, SG8275P, SM8550, WCD9380, WCD9385, WCD9390, WCD9395, WCN6855, WCN6856, WCN7850, WCN7851, WSA8840, WSA8845, WSA8845H

Patches

Patch: www.qualcomm.com ↗Patch: www.qualcomm.com ↗

🔴Vulnerability Details

GHSA

GHSA-3rf7-cxmv-24rp: Memory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon Mobile↗2022-10-19

▶