CVE-2022-33285 — Out-of-bounds Read in INC Snapdragon

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 35.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJan 9

Description

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

▶CVEListV5qualcomm_inc/snapdragon278 versions+277

GHSA

GHSA-jjmh-958w-rr2j: Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames↗2023-01-09

▶

Android

CVE-2022-33285: Closed-source component↗2023-01-01

▶