KEVIntel
Back to KEVs
8.4
CVSS
High

CVE-2022-22071

PUBLISHED

Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto,...

Exploited in the wild Low complexity No user interaction
Vendor
Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
Published
Jun 14, 2022
EPSS

Description

Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

cisa

CVSS scores

CVSS v3.1 8.4 High

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2023-12-05 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Dec 05, 2023

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel