CVE-2023-12994

When working with data in a kernel, certain rules have to be followed. One of those rules is that if you read data from a buffer, you have to make sure that you only read the amount of data that you actually need. Otherwise, you might end up leaking data. This is exactly what happened in one of the Snapdragon IOT samples. When receiving data from the network, the code would read the entire buffer at once, which resulted in data being exposed outside of the intended receiver.
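
The rule above as an added user-space C example (not code from the Snapdragon sample or from Qualcomm): a reused receive buffer is delivered once in full and once bounded by the number of bytes actually received. The `rx_slot` structure, the function names, the buffer size and the packet contents are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RX_BUF_SIZE 64   /* constructed size of the reused receive buffer */

/* Hypothetical receive slot: buffer plus the byte count actually received. */
struct rx_slot { uint8_t data[RX_BUF_SIZE]; size_t received; };

/* Packet arrival overwrites only `len` bytes; older bytes stay in the tail. */
static int rx_fill(struct rx_slot *s, const void *pkt, size_t len) {
    if (len > RX_BUF_SIZE) return -1;
    memcpy(s->data, pkt, len);
    s->received = len;
    return 0;
}

/* Flawed pattern from the text: hand over the entire buffer at once. */
static long deliver_whole_buffer(const struct rx_slot *s, uint8_t *out, size_t cap) {
    if (cap < RX_BUF_SIZE) return -1;
    memcpy(out, s->data, RX_BUF_SIZE);
    return RX_BUF_SIZE;
}

/* Bounded pattern: copy only the bytes received, capped by what is wanted. */
static long deliver_received_only(const struct rx_slot *s, uint8_t *out,
                                  size_t cap, size_t wanted) {
    size_t n = wanted < s->received ? wanted : s->received;
    if (s->received > RX_BUF_SIZE || n > cap) return -1;
    memset(out, 0, cap);            /* receiver never sees leftover bytes */
    memcpy(out, s->data, n);
    return (long)n;
}

/* Returns 1 if receiver B's output contains bytes left over from A's packet. */
static int stale_bytes_reach_b(int bounded) {
    static const char a[] = "token=SECRET-FOR-A", b[] = "hello"; /* constructed */
    struct rx_slot slot = {{0}, 0};
    uint8_t out[RX_BUF_SIZE] = {0};
    rx_fill(&slot, a, sizeof a - 1);    /* packet for receiver A */
    rx_fill(&slot, b, sizeof b - 1);    /* shorter packet for receiver B */
    if (bounded) deliver_received_only(&slot, out, sizeof out, sizeof out);
    else         deliver_whole_buffer(&slot, out, sizeof out);
    return memcmp(out + 5, a + 5, sizeof a - 1 - 5) == 0;
}

int main(void) {
    printf("whole: %d, bounded: %d\n", stale_bytes_reach_b(0), stale_bytes_reach_b(1));
    return 0;
}
```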

CVE-2022-25560

A very similar vulnerability was found in the Qualcomm Snapdragon IOT Driver. This time, the buffer was received from an application, and the driver would read only what it needs. This is also a good practice that should be followed in any kernel data usage scenario.

CVE-2022-25666

This vulnerability affected the Snapdragon IOT: a buffer overflowed when receiving data from the network and processing it.

CVE-2023-25666

This vulnerability allowed an attacker to pull sensitive information from the device. The attack vector was a malicious Wi-Fi hotspot that could force devices to connect to it. This type of attack is widely known as a Man-in-the-Middle (MITM) attack, and anyone can be a victim of it.

1) CVE-2022-25665
If you are working with data in a kernel, certain rules have to be followed. One of those rules is that if you read data from a buffer, you have to make sure that you only read the amount of data that you actually need. Otherwise, you might end up leaking data. This is exactly what happened in one Snapdragon IOT sample: when receiving data from the network, the code would read the entire buffer at once, resulting in data being exposed outside of the intended receiver.
2) CVE-2023-25666

Timeline

Published on: 10/19/2022 11:15:00 UTC
Last modified on: 10/20/2022 21:19:00 UTC