Improper Length Check in Device ID Verification Leads to Out of Bounds Writing in Snapdragon Compute, Connectivity, and Mobile

Improper Length Check in Device ID Verification Leads to Out of Bounds Writing in Snapdragon Compute, Connectivity, and Mobile

CVE-2022-22061 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Learn more about our Mobile App Penetration Testing.