CVE-2023-22385 — Buffer Over-read in INC Snapdragon

Severity

9.8CRITICALNVD

EPSS

0.1%

top 68.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 3

Description

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

▶CVEListV5qualcomm_inc/snapdragon237 versions+236

GHSA

GHSA-4vv2-435c-33ch: Memory Corruption in Data Modem while making a MO call or MT VOLTE call↗2023-10-03

▶

Android

CVE-2023-22385: Closed-source component↗2023-10-01

▶