CVE-2022-40505

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:21

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 8.2
References () https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin - Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin - Vendor Advisory

09 May 2023, 16:34

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
References (MISC) https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin - (MISC) https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin - Vendor Advisory
CWE CWE-125
First Time Qualcomm qca4004
Qualcomm snapdragon 1200 Wearable Platform Firmware
Qualcomm snapdragon X5 Lte Modem Firmware
Qualcomm 9205 Lte Modem
Qualcomm snapdragon 1100 Wearable Platform Firmware
Qualcomm 9207 Lte Modem
Qualcomm wcd9330 Firmware
Qualcomm snapdragon X5 Lte Modem
Qualcomm mdm8207
Qualcomm snapdragon Wear 1300 Platform Firmware
Qualcomm qca4004 Firmware
Qualcomm qts110 Firmware
Qualcomm snapdragon Wear 1300 Platform
Qualcomm 9207 Lte Modem Firmware
Qualcomm snapdragon 1200 Wearable Platform
Qualcomm snapdragon 1100 Wearable Platform
Qualcomm 9205 Lte Modem Firmware
Qualcomm qts110
Qualcomm 9206 Lte Modem
Qualcomm wcd9330
Qualcomm wcd9306
Qualcomm wcd9306 Firmware
Qualcomm mdm8207 Firmware
Qualcomm qca4010 Firmware
Qualcomm 9206 Lte Modem Firmware
Qualcomm qca4010
Qualcomm

02 May 2023, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-02 06:15

Updated : 2024-11-21 07:21


NVD link : CVE-2022-40505

Mitre link : CVE-2022-40505

CVE.ORG link : CVE-2022-40505


JSON object : View

Products Affected

qualcomm

  • qts110_firmware
  • qts110
  • 9205_lte_modem
  • snapdragon_1200_wearable_platform
  • wcd9330
  • qca4010_firmware
  • mdm8207
  • qca4004
  • snapdragon_1100_wearable_platform_firmware
  • 9205_lte_modem_firmware
  • wcd9306_firmware
  • snapdragon_wear_1300_platform_firmware
  • snapdragon_x5_lte_modem_firmware
  • wcd9330_firmware
  • 9207_lte_modem_firmware
  • 9207_lte_modem
  • snapdragon_x5_lte_modem
  • snapdragon_wear_1300_platform
  • qca4004_firmware
  • qca4010
  • snapdragon_1200_wearable_platform_firmware
  • mdm8207_firmware
  • 9206_lte_modem_firmware
  • 9206_lte_modem
  • snapdragon_1100_wearable_platform
  • wcd9306
CWE
CWE-126

Buffer Over-read

CWE-125

Out-of-bounds Read