CVE-2022-40522

high-risk

Published 2023-06-06

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.4/10 High

LOCAL / LOW complexity

Csr8811 Firmware

Wcn3991 Firmware

Wcn3998 Firmware

Ipq6000 Firmware

Ipq6005 Firmware

Ipq6010 Firmware

Ipq6018 Firmware

Ipq6028 Firmware

Ipq9008 Firmware

Ipq9574 Firmware

Qca4024 Firmware

Qca6574A Firmware

Qca6574Au Firmware

Qca6595Au Firmware

Qca6696 Firmware

Qca8072 Firmware

Qca8075 Firmware

Qca8081 Firmware

Qca8082 Firmware

Qca8084 Firmware

Qualcomm

Vendor Advisory https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

/ 100

high-risk

Severity 26/34 · High

Exploitability 0/34 · Minimal

Exposure 26/34 · High