Published: 14/06/2022 Updated: 08/08/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Vulnerable Product	Search on Vulmon	Subscribe to Product
qualcomm apq8053_firmware -
qualcomm ar8035_firmware -
qualcomm msm8953_firmware -
qualcomm qca6174a_firmware -
qualcomm qca6390_firmware -
qualcomm qca6391_firmware -
qualcomm qca6426_firmware -
qualcomm qca6436_firmware -
qualcomm qca6595au_firmware -
qualcomm qca8081_firmware -
qualcomm qca8337_firmware -
qualcomm qca9377_firmware -
qualcomm qcm2290_firmware -
qualcomm qcm4290_firmware -
qualcomm qcm6490_firmware -
qualcomm qcs2290_firmware -
qualcomm qcs4290_firmware -
qualcomm qcs6490_firmware -
qualcomm qrb5165_firmware -
qualcomm qrb5165m_firmware -
qualcomm qrb5165n_firmware -
qualcomm qualcomm215_firmware -
qualcomm sa6155p_firmware -
qualcomm sa8155p_firmware -
qualcomm sa8195p_firmware -
qualcomm sd_8_gen1_5g_firmware -
qualcomm sd439_firmware -
qualcomm sd460_firmware -
qualcomm sd480_firmware -
qualcomm sd662_firmware -
qualcomm sd680_firmware -
qualcomm sd690_5g_firmware -
qualcomm sd695_firmware -
qualcomm sd750g_firmware -
qualcomm sd765_firmware -
qualcomm sd765g_firmware -
qualcomm sd768g_firmware -
qualcomm sd778g_firmware -
qualcomm sd780g_firmware -
qualcomm sd865_5g_firmware -
qualcomm sd870_firmware -
qualcomm sd888_firmware -
qualcomm sd888_5g_firmware -
qualcomm sdx12_firmware -
qualcomm sdx55m_firmware -
qualcomm sdx65_firmware -
qualcomm sdxr2_5g_firmware -
qualcomm sm7250p_firmware -
qualcomm sm7315_firmware -
qualcomm sm7325p_firmware -
qualcomm sw5100_firmware -
qualcomm sw5100p_firmware -
qualcomm wcd9326_firmware -
qualcomm wcd9335_firmware -
qualcomm wcd9341_firmware -
qualcomm wcd9370_firmware -
qualcomm wcd9375_firmware -
qualcomm wcd9380_firmware -
qualcomm wcd9385_firmware -
qualcomm wcn3615_firmware -
qualcomm wcn3660b_firmware -
qualcomm wcn3680b_firmware -
qualcomm wcn3910_firmware -
qualcomm wcn3950_firmware -
qualcomm wcn3980_firmware -
qualcomm wcn3988_firmware -
qualcomm wcn3991_firmware -
qualcomm wcn3998_firmware -
qualcomm wcn6740_firmware -
qualcomm wcn6750_firmware -
qualcomm wcn6850_firmware -
qualcomm wcn6851_firmware -
qualcomm wcn6855_firmware -
qualcomm wcn6856_firmware -
qualcomm wcn7850_firmware -
qualcomm wcn7851_firmware -
qualcomm wsa8810_firmware -
qualcomm wsa8815_firmware -
qualcomm wsa8830_firmware -
qualcomm wsa8835_firmware -

Fork My adaptation for the SM-F926U from the original exploit here HUGE thanks to m-y-mo for discovering the exploit and his extreme patience with all my questions to port this to SM-F926U and make it useable I've added a startup daemon (libtimelineso) based on code from Shizuku Added a dirty trick to allow the temp root solution to be stable (see below) Disclaimer: I am

CWE-362 https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin http://packetstormsecurity.com/files/172850/Qualcomm-kgsl-Driver-Use-After-Free.html https://nvd.nist.gov https://github.com/diabl0w/CVE-2022-22057_SM-F926U

CVE-2022-22057

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect