{"containers":{"cna":{"affected":[{"product":"Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables","vendor":"Qualcomm, Inc.","versions":[{"status":"affected","version":"AR8035, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCS6490, SA6155P, SA8155P, SA8195P, SD 8 Gen1 5G, SD460, SD480, SD695, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDX12, SDX55M, SDX65, SDXR2 5G, SM7315, SM7325P, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835"}]}],"descriptions":[{"lang":"en","value":"Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"Integer Overflow or Wraparound in Kernel","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-09-16T05:25:53.000Z","orgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","shortName":"qualcomm"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"product-security@qualcomm.com","ID":"CVE-2022-25656","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables","version":{"version_data":[{"version_value":"AR8035, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM6490, QCS6490, SA6155P, SA8155P, SA8195P, SD 8 Gen1 5G, SD460, SD480, SD695, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDX12, SDX55M, SDX65, SDXR2 5G, SM7315, SM7325P, SM7450, SM8475, SM8475P, SW5100, SW5100P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835"}]}}]},"vendor_name":"Qualcomm, Inc."}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables"}]},"impact":{"cvss":{"baseScore":8.4,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Integer Overflow or Wraparound in Kernel"}]}]},"references":{"reference_data":[{"name":"https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin","refsource":"CONFIRM","url":"https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T04:42:50.660Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin"}]}]},"cveMetadata":{"assignerOrgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","assignerShortName":"qualcomm","cveId":"CVE-2022-25656","datePublished":"2022-09-16T05:25:53.000Z","dateReserved":"2022-02-22T00:00:00.000Z","dateUpdated":"2024-08-03T04:42:50.660Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}