PULSE
LIVE18signals / 24h
FEED
ransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Services
← All CVEs
CVE Watch

CVE-2022-22071

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CVSS

No CVSS

EPSS

0.4%

p36

KEV

YES

Dec 5, 2023

Exploit Today

61

0-100

Published: · Last modified:

EPSS · 30d
0.4%EPSS · 30 days0.4%
2026-06-302026-07-17
KEV catalog record

Product

Qualcomm / Multiple Chipsets

Vulnerability

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

Added to KEV

Dec 5, 2023

Remediate by

Dec 26, 2023

Known ransomware use

No

Summary description

Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.

Required action

Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-5.4/-/commit/586840fde350d7b8563df9889c8ce397e2c20dda; https://nvd.nist.gov/vuln/detail/CVE-2022-22071

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-1905
63.3%
KEV69Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2026-21385
61.0%
KEV68Qualcomm Multiple Chipsets Memory Corruption Vulnerability
CVE-2023-33107
55.4%
KEV67Qualcomm Multiple Chipsets Integer Overflow Vulnerability
CVE-2023-33106
54.2%
KEV66Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
CVE-2025-27038
53.5%
KEV66Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2025-21479
51.7%
KEV66Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability