CVE-2022-33231

9.3 CRITICAL

📋 TL;DR

CVE-2022-33231 is a double-free memory corruption vulnerability in Qualcomm chipsets that occurs during encryption key initialization. Successful exploitation could allow attackers to execute arbitrary code or cause denial of service. This affects devices using vulnerable Qualcomm chipsets, primarily mobile devices and IoT equipment.

💻 Affected Systems

Products:

• Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Versions: Multiple chipset versions - see Qualcomm advisory for specific affected chipsets

Operating Systems: Android, Linux-based systems using affected Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the core firmware/trustzone component, not specific applications. All devices with vulnerable chipsets are affected regardless of OS configuration.

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

View all CVEs affecting 315 5g Iot Modem Firmware →

8098 Firmware by Qualcomm

View all CVEs affecting 8098 Firmware →

8909 Firmware by Qualcomm

View all CVEs affecting 8909 Firmware →

8998 Firmware by Qualcomm

View all CVEs affecting 8998 Firmware →

Apq8009 Firmware by Qualcomm

View all CVEs affecting Apq8009 Firmware →

Aqt1000 Firmware by Qualcomm

View all CVEs affecting Aqt1000 Firmware →

Ar8031 Firmware by Qualcomm

View all CVEs affecting Ar8031 Firmware →

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

C V2x 9150 Firmware by Qualcomm

View all CVEs affecting C V2x 9150 Firmware →

Csra6620 Firmware by Qualcomm

View all CVEs affecting Csra6620 Firmware →

Csra6640 Firmware by Qualcomm

View all CVEs affecting Csra6640 Firmware →

Csrb31024 Firmware by Qualcomm

View all CVEs affecting Csrb31024 Firmware →

Fsm10056 Firmware by Qualcomm

View all CVEs affecting Fsm10056 Firmware →

Home Hub 100 Platform Firmware by Qualcomm

View all CVEs affecting Home Hub 100 Platform Firmware →

Ipq9008 Firmware by Qualcomm

View all CVEs affecting Ipq9008 Firmware →

Ipq9574 Firmware by Qualcomm

View all CVEs affecting Ipq9574 Firmware →

Mdm9205 Firmware by Qualcomm

View all CVEs affecting Mdm9205 Firmware →

Msm8108 Firmware by Qualcomm

View all CVEs affecting Msm8108 Firmware →

Msm8209 Firmware by Qualcomm

View all CVEs affecting Msm8209 Firmware →

Msm8608 Firmware by Qualcomm

View all CVEs affecting Msm8608 Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qca4004 Firmware by Qualcomm

View all CVEs affecting Qca4004 Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6310 Firmware by Qualcomm

View all CVEs affecting Qca6310 Firmware →

Qca6320 Firmware by Qualcomm

View all CVEs affecting Qca6320 Firmware →

Qca6335 Firmware by Qualcomm

View all CVEs affecting Qca6335 Firmware →

Qca6390 Firmware by Qualcomm

View all CVEs affecting Qca6390 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6420 Firmware by Qualcomm

View all CVEs affecting Qca6420 Firmware →

Qca6421 Firmware by Qualcomm

View all CVEs affecting Qca6421 Firmware →

Qca6426 Firmware by Qualcomm

View all CVEs affecting Qca6426 Firmware →

Qca6430 Firmware by Qualcomm

View all CVEs affecting Qca6430 Firmware →

Qca6431 Firmware by Qualcomm

View all CVEs affecting Qca6431 Firmware →

Qca6436 Firmware by Qualcomm

View all CVEs affecting Qca6436 Firmware →

Qca6564 Firmware by Qualcomm

View all CVEs affecting Qca6564 Firmware →

Qca6564a Firmware by Qualcomm

View all CVEs affecting Qca6564a Firmware →

Qca6564au Firmware by Qualcomm

View all CVEs affecting Qca6564au Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6595 Firmware by Qualcomm

View all CVEs affecting Qca6595 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8082 Firmware by Qualcomm

View all CVEs affecting Qca8082 Firmware →

Qca8084 Firmware by Qualcomm

View all CVEs affecting Qca8084 Firmware →

Qca8085 Firmware by Qualcomm

View all CVEs affecting Qca8085 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qca8386 Firmware by Qualcomm

View all CVEs affecting Qca8386 Firmware →

Qca9377 Firmware by Qualcomm

View all CVEs affecting Qca9377 Firmware →

Qca9379 Firmware by Qualcomm

View all CVEs affecting Qca9379 Firmware →

Qca9984 Firmware by Qualcomm

View all CVEs affecting Qca9984 Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4290 Firmware by Qualcomm

View all CVEs affecting Qcm4290 Firmware →

Qcm6125 Firmware by Qualcomm

View all CVEs affecting Qcm6125 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcn6024 Firmware by Qualcomm

View all CVEs affecting Qcn6024 Firmware →

Qcn7606 Firmware by Qualcomm

View all CVEs affecting Qcn7606 Firmware →

Qcn9011 Firmware by Qualcomm

View all CVEs affecting Qcn9011 Firmware →

Qcn9012 Firmware by Qualcomm

View all CVEs affecting Qcn9012 Firmware →

Qcn9024 Firmware by Qualcomm

View all CVEs affecting Qcn9024 Firmware →

Qcn9074 Firmware by Qualcomm

View all CVEs affecting Qcn9074 Firmware →

Qcn9274 Firmware by Qualcomm

View all CVEs affecting Qcn9274 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4290 Firmware by Qualcomm

View all CVEs affecting Qcs4290 Firmware →

Qcs603 Firmware by Qualcomm

View all CVEs affecting Qcs603 Firmware →

Qcs605 Firmware by Qualcomm

View all CVEs affecting Qcs605 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs6125 Firmware by Qualcomm

View all CVEs affecting Qcs6125 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qcs8155 Firmware by Qualcomm

View all CVEs affecting Qcs8155 Firmware →

Qrb5165 Firmware by Qualcomm

View all CVEs affecting Qrb5165 Firmware →

Qrb5165m Firmware by Qualcomm

View all CVEs affecting Qrb5165m Firmware →

Qrb5165n Firmware by Qualcomm

View all CVEs affecting Qrb5165n Firmware →

Qsm8250 Firmware by Qualcomm

View all CVEs affecting Qsm8250 Firmware →

Qsm8350 Firmware by Qualcomm

View all CVEs affecting Qsm8350 Firmware →

Qts110 Firmware by Qualcomm

View all CVEs affecting Qts110 Firmware →

Qualcomm Robotics Rb5 Platform Firmware by Qualcomm

View all CVEs affecting Qualcomm Robotics Rb5 Platform Firmware →

Sa4150p Firmware by Qualcomm

View all CVEs affecting Sa4150p Firmware →

Sa4155p Firmware by Qualcomm

View all CVEs affecting Sa4155p Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6150p Firmware by Qualcomm

View all CVEs affecting Sa6150p Firmware →

Sa6155 Firmware by Qualcomm

View all CVEs affecting Sa6155 Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8145p Firmware by Qualcomm

View all CVEs affecting Sa8145p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155 Firmware by Qualcomm

View all CVEs affecting Sa8155 Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8195p Firmware by Qualcomm

View all CVEs affecting Sa8195p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sa8540p Firmware by Qualcomm

View all CVEs affecting Sa8540p Firmware →

Sa9000p Firmware by Qualcomm

View all CVEs affecting Sa9000p Firmware →

Sc8180x\+sdx55 Firmware by Qualcomm

View all CVEs affecting Sc8180x\+sdx55 Firmware →

Sd 455 Firmware by Qualcomm

View all CVEs affecting Sd 455 Firmware →

Sd 675 Firmware by Qualcomm

View all CVEs affecting Sd 675 Firmware →

Sd 8cx Firmware by Qualcomm

View all CVEs affecting Sd 8cx Firmware →

Sd 8cx Gen2 Firmware by Qualcomm

View all CVEs affecting Sd 8cx Gen2 Firmware →

Sd 8cx Gen3 Firmware by Qualcomm

View all CVEs affecting Sd 8cx Gen3 Firmware →

Sd205 Firmware by Qualcomm

View all CVEs affecting Sd205 Firmware →

Sd460 Firmware by Qualcomm

View all CVEs affecting Sd460 Firmware →

Sd660 Firmware by Qualcomm

View all CVEs affecting Sd660 Firmware →

Sd662 Firmware by Qualcomm

View all CVEs affecting Sd662 Firmware →

Sd670 Firmware by Qualcomm

View all CVEs affecting Sd670 Firmware →

Sd675 Firmware by Qualcomm

View all CVEs affecting Sd675 Firmware →

Sd730 Firmware by Qualcomm

View all CVEs affecting Sd730 Firmware →

Sd778g Firmware by Qualcomm

View all CVEs affecting Sd778g Firmware →

Sd7c Firmware by Qualcomm

View all CVEs affecting Sd7c Firmware →

Sd835 Firmware by Qualcomm

View all CVEs affecting Sd835 Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sdm660 Firmware by Qualcomm

View all CVEs affecting Sdm660 Firmware →

Sdm670 Firmware by Qualcomm

View all CVEs affecting Sdm670 Firmware →

Sdm710 Firmware by Qualcomm

View all CVEs affecting Sdm710 Firmware →

Sdm712 Firmware by Qualcomm

View all CVEs affecting Sdm712 Firmware →

Sdm845 Firmware by Qualcomm

View all CVEs affecting Sdm845 Firmware →

Sdm850 Firmware by Qualcomm

View all CVEs affecting Sdm850 Firmware →

Sdx55 Firmware by Qualcomm

View all CVEs affecting Sdx55 Firmware →

Sdx57m Firmware by Qualcomm

View all CVEs affecting Sdx57m Firmware →

Sm4125 Firmware by Qualcomm

View all CVEs affecting Sm4125 Firmware →

Sm4250 Aa Firmware by Qualcomm

View all CVEs affecting Sm4250 Aa Firmware →

Sm4350 Ac Firmware by Qualcomm

View all CVEs affecting Sm4350 Ac Firmware →

Sm4350 Firmware by Qualcomm

View all CVEs affecting Sm4350 Firmware →

Sm4375 Firmware by Qualcomm

View all CVEs affecting Sm4375 Firmware →

Sm6125 Firmware by Qualcomm

View all CVEs affecting Sm6125 Firmware →

Sm6150 Ac Firmware by Qualcomm

View all CVEs affecting Sm6150 Ac Firmware →

Sm6225 Ad Firmware by Qualcomm

View all CVEs affecting Sm6225 Ad Firmware →

Sm6225 Firmware by Qualcomm

View all CVEs affecting Sm6225 Firmware →

Sm6250 Firmware by Qualcomm

View all CVEs affecting Sm6250 Firmware →

Sm6250p Firmware by Qualcomm

View all CVEs affecting Sm6250p Firmware →

Sm6350 Firmware by Qualcomm

View all CVEs affecting Sm6350 Firmware →

Sm6375 Firmware by Qualcomm

View all CVEs affecting Sm6375 Firmware →

Sm7125 Firmware by Qualcomm

View all CVEs affecting Sm7125 Firmware →

Sm7150 Aa Firmware by Qualcomm

View all CVEs affecting Sm7150 Aa Firmware →

Sm7150 Ab Firmware by Qualcomm

View all CVEs affecting Sm7150 Ab Firmware →

Sm7150 Ac Firmware by Qualcomm

View all CVEs affecting Sm7150 Ac Firmware →

Sm7225 Firmware by Qualcomm

View all CVEs affecting Sm7225 Firmware →

Sm7250 Aa Firmware by Qualcomm

View all CVEs affecting Sm7250 Aa Firmware →

Sm7250 Ab Firmware by Qualcomm

View all CVEs affecting Sm7250 Ab Firmware →

Sm7250 Ac Firmware by Qualcomm

View all CVEs affecting Sm7250 Ac Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7325 Ae Firmware by Qualcomm

View all CVEs affecting Sm7325 Ae Firmware →

Sm7325 Af Firmware by Qualcomm

View all CVEs affecting Sm7325 Af Firmware →

Sm7325 Firmware by Qualcomm

View all CVEs affecting Sm7325 Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Sm7350 Ab Firmware by Qualcomm

View all CVEs affecting Sm7350 Ab Firmware →

Sm8150 Ac Firmware by Qualcomm

View all CVEs affecting Sm8150 Ac Firmware →

Sm8150 Firmware by Qualcomm

View all CVEs affecting Sm8150 Firmware →

Sm8250 Ab Firmware by Qualcomm

View all CVEs affecting Sm8250 Ab Firmware →

Sm8250 Ac Firmware by Qualcomm

View all CVEs affecting Sm8250 Ac Firmware →

Sm8250 Firmware by Qualcomm

View all CVEs affecting Sm8250 Firmware →

Sm8350 Ac Firmware by Qualcomm

View all CVEs affecting Sm8350 Ac Firmware →

Sm8350 Firmware by Qualcomm

View all CVEs affecting Sm8350 Firmware →

Sm8450 Firmware by Qualcomm

View all CVEs affecting Sm8450 Firmware →

Sm8475 Firmware by Qualcomm

View all CVEs affecting Sm8475 Firmware →

Smart Audio 200 Platform Firmware by Qualcomm

View all CVEs affecting Smart Audio 200 Platform Firmware →

Smart Audio 400 Platform Firmware by Qualcomm

View all CVEs affecting Smart Audio 400 Platform Firmware →

Snapdragon 208 Processor Firmware by Qualcomm

View all CVEs affecting Snapdragon 208 Processor Firmware →

Snapdragon 630 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 630 Mobile Platform Firmware →

Snapdragon 636 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 636 Mobile Platform Firmware →

Snapdragon 662 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 662 Mobile Platform Firmware →

Snapdragon 675 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 675 Mobile Platform Firmware →

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Platform Firmware →

Snapdragon Auto 4g Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 4g Modem Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →

Snapdragon Wear 1300 Firmware by Qualcomm

View all CVEs affecting Snapdragon Wear 1300 Firmware →

Snapdragon X24 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X24 Lte Modem Firmware →

Snapdragon X50 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →

Snapdragon X70 Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X70 Modem Rf System Firmware →

Snapdragon Xr1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr1 Platform Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1120 Firmware by Qualcomm

View all CVEs affecting Sxr1120 Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2130 Firmware by Qualcomm

View all CVEs affecting Sxr2130 Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Wcd9306 Firmware by Qualcomm

View all CVEs affecting Wcd9306 Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9360 Firmware by Qualcomm

View all CVEs affecting Wcd9360 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9371 Firmware by Qualcomm

View all CVEs affecting Wcd9371 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcn3610 Firmware by Qualcomm

View all CVEs affecting Wcn3610 Firmware →

Wcn3615 Firmware by Qualcomm

View all CVEs affecting Wcn3615 Firmware →

Wcn3660b Firmware by Qualcomm

View all CVEs affecting Wcn3660b Firmware →

Wcn3680b Firmware by Qualcomm

View all CVEs affecting Wcn3680b Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn3998 Firmware by Qualcomm

View all CVEs affecting Wcn3998 Firmware →

Wcn3999 Firmware by Qualcomm

View all CVEs affecting Wcn3999 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wcn6750 Firmware by Qualcomm

View all CVEs affecting Wcn6750 Firmware →

Wcn685x 1 Firmware by Qualcomm

View all CVEs affecting Wcn685x 1 Firmware →

Wcn685x 5 Firmware by Qualcomm

View all CVEs affecting Wcn685x 5 Firmware →

Wcn785x 1 Firmware by Qualcomm

View all CVEs affecting Wcn785x 1 Firmware →

Wcn785x 5 Firmware by Qualcomm

View all CVEs affecting Wcn785x 5 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete device compromise, data theft, and persistent backdoor installation.

🟠

Likely Case

Device crash/reboot (denial of service) or limited code execution in kernel context, potentially enabling privilege escalation.

🟢

If Mitigated

With proper memory protection mechanisms (ASLR, DEP), exploitation becomes unreliable, likely resulting only in crashes.

🌐 Internet-Facing: MEDIUM - Requires specific conditions for remote exploitation, but affected devices often have internet connectivity.

🏢 Internal Only: MEDIUM - Local exploitation possible if attacker gains initial access, but requires specific memory manipulation.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires precise memory manipulation and understanding of Qualcomm's encryption key management. No public exploits available as of knowledge cutoff.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Varies by chipset - refer to Qualcomm's April 2023 security bulletin for specific chipset fixes

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device. 4. Verify patch installation through version checks.

🔧 Temporary Workarounds

Disable vulnerable encryption features

all

Disable hardware encryption features that trigger the vulnerable code path (if possible without breaking functionality)

Copy

Feature-specific - consult device documentation

🧯 If You Can't Patch

• Isolate affected devices from untrusted networks
• Implement strict access controls and monitoring for devices with vulnerable chipsets

🔍 How to Verify

Check if Vulnerable:

Copy

Check chipset version against Qualcomm's affected list. Use device-specific commands like 'cat /proc/cpuinfo' or manufacturer diagnostic tools.

Check Version:

Copy

Device-specific - typically manufacturer diagnostic commands or Android: 'getprop ro.bootloader' for bootloader version

Verify Fix Applied:

Copy

Verify firmware version has been updated to post-April 2023 patches. Check with manufacturer update tools or security scanning utilities.

📡 Detection & Monitoring

Log Indicators:

• Kernel panic logs
• Trustzone/secure world crash reports
• Memory corruption error messages in system logs

Network Indicators:

• Unusual encryption-related network traffic patterns
• Unexpected device reboots

SIEM Query:

Copy

Example: (event_category="kernel_panic" OR event_category="memory_corruption") AND device_vendor="Qualcomm"

📊 Metadata

CVE ID: CVE-2022-33231

CVSS v3 Score: 9.3 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-415

Published: April 13, 2023

Last Updated: November 21, 2024

🔗 References

• https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory
• https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-33231, you might also want to check these:

CVE-2020-35885 9.8

This vulnerability in the alpm-rs Rust crate allows double-free memory corruption due to improper de...

Same vulnerability type (CWE-415)

CVE-2021-29940 9.8

This vulnerability in the Rust 'through' crate allows double-free memory corruption when the map fun...

Same vulnerability type (CWE-415)

CVE-2023-49937 9.8

This CVE describes a double-free vulnerability in SchedMD Slurm workload manager that allows attacke...

Same vulnerability type (CWE-415)