发布日期：2023-01-09
更新日期：2023-04-07

受影响系统：

Qualcomm chipsets SA8195P
Qualcomm chipsets SA8155P
Qualcomm chipsets SA8150P
Qualcomm chipsets SA8145P
Qualcomm chipsets SA6155P
Qualcomm chipsets SA6150P
Qualcomm chipsets SA6145P
Qualcomm chipsets QCA6696
Qualcomm chipsets QCA6595AU
Qualcomm chipsets QCA6584AU
Qualcomm chipsets QCA6574AU
Qualcomm chipsets QCA6574
Qualcomm chipsets QCA6564AU
Qualcomm chipsets QCA6564A
Qualcomm chipsets MSM8996AU
Qualcomm chipsets APQ8096AU
Qualcomm chipsets APQ8064AU

描述：

---

CVE(CAN) ID: CVE-2022-33219

Qualcomm芯片是美国高通（Qualcomm）公司的芯片，一种将电路（主要包括半导体设备，也包括被动组件等）小型化的方式，并时常制造在半导体晶圆表面上。
Qualcomm多款产品在用共享缓冲区注册新的监听器时存在整数溢出漏洞，攻击者可利用该漏洞导致Automotive内存损坏。

<*链接：https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2023-bulletin.html
*>

建议：

---

厂商补丁：

Qualcomm
--------
Qualcomm已经为此发布了一个安全公告（CVE-2022-33219）以及相应补丁:
CVE-2022-33219：Integer Overflow to Buffer Overflow in Automotive
链接：https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2023-bulletin.html

浏览次数：387
严重程度：0（网友投票）