CVE-2022-25743 – Qualcomm Adreno/KGSL Unchecked Cast / Type Confusion
https://notcve.org/view.php?id=CVE-2022-25743
Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Corrupción de la memoria en los gráficos debido al use-after-free al importar el búfer de gráficos en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Qualcomm Adreno/KGSL suffers from an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr(). • http://packetstormsecurity.com/files/172663/Qualcomm-Adreno-KGSL-Unchecked-Cast-Type-Confusion.html https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin • CWE-416: Use After Free •
CVE-2022-25710
https://notcve.org/view.php?id=CVE-2022-25710
Denial of service due to null pointer dereference when GATT is disconnected in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Denegación de servicio debido a desreferencia de puntero nulo cuando GATT se desconecta en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin • CWE-476: NULL Pointer Dereference •
CVE-2022-25674
https://notcve.org/view.php?id=CVE-2022-25674
Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music Problemas criptográficos en WLAN durante el handshake de claves del grupo del protocolo WPA/WPA2 en Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin •
CVE-2022-25727
https://notcve.org/view.php?id=CVE-2022-25727
Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music Corrupción de la memoria en el módem debido a una verificación de longitud incorrecta al copiar en la memoria en Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin • CWE-1284: Improper Validation of Specified Quantity in Input •
CVE-2022-25719
https://notcve.org/view.php?id=CVE-2022-25719
Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una revelación de información en WLAN debido a una comprobación de longitud incorrecta mientras es procesado el apretón de manos de autenticación en Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/october-2022-bulletin • CWE-125: Out-of-bounds Read •