CVE-2022-2984: CWE-787 Out-of-bounds Write in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
AI Analysis
Technical Summary
CVE-2022-2984 is a medium-severity vulnerability classified under CWE-787 (Out-of-bounds Write) affecting multiple Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T618, T612, T616, T770, T820, and S8000. These chipsets are integrated into various Android devices running Android 10, 11, and 12. The vulnerability exists in the JPEG driver component of the chipset's kernel-level software, where a missing bounds check leads to an out-of-bounds write condition. The flaw can be triggered locally by a user with low privileges and without user interaction, which means an attacker or malicious app on the device could trigger it, potentially causing a denial of service (DoS) by crashing the kernel or making the system unstable. The CVSS v3.1 base score is 5.5, reflecting a medium severity primarily due to the impact on availability (kernel DoS) without compromising confidentiality or integrity. There are no known exploits in the wild reported to date, and no official patches have been linked in the provided data, although vendors typically release updates to address such kernel-level vulnerabilities. The affected chipsets are commonly found in budget and mid-range Android smartphones, especially those using Unisoc SoCs, which are prevalent in certain markets.
Potential Impact
For European organizations, the primary impact of CVE-2022-2984 is the potential for local denial of service on devices using affected Unisoc chipsets. This could disrupt business operations if employees use vulnerable devices for corporate communications or access to sensitive data. While the vulnerability does not allow data leakage or privilege escalation, repeated kernel crashes could lead to device instability, loss of availability, and increased support costs. In sectors relying on a mobile workforce or IoT devices with these chipsets, availability interruptions could degrade productivity. Additionally, the vulnerability could be leveraged as part of a multi-stage attack chain if combined with other exploits, although no such exploits are currently known. The lack of remote exploitability limits the threat to attackers with local access, such as malicious insiders or compromised applications. However, organizations with Bring Your Own Device (BYOD) policies or those deploying Unisoc-based devices in critical roles should be cautious. The impact is more pronounced in environments where device availability is critical, such as healthcare, logistics, or field services.
Mitigation Recommendations
To mitigate CVE-2022-2984, European organizations should:
1) Identify and inventory devices using Unisoc chipsets listed as vulnerable, focusing on Android 10, 11, and 12 versions.
2) Monitor for and apply firmware or OS updates from device manufacturers or Unisoc that address this vulnerability as soon as they become available.
3) Restrict installation of untrusted or potentially malicious applications on affected devices to reduce the risk of local exploitation.
4) Implement mobile device management (MDM) solutions to enforce security policies, including application whitelisting and privilege restrictions.
5) Educate users about the risks of installing unknown apps and the importance of device updates.
6) For critical deployments, consider using devices with chipsets from vendors with a stronger security track record or verified patch availability.
7) Monitor device logs for unusual kernel crashes that may indicate exploitation attempts.
8) Limit local access to devices, especially in shared or public environments, to reduce the attack surface.
These steps go beyond generic advice by focusing on device inventory, patch management, application control, and user awareness tailored to the specific chipset vulnerability.
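One way to carry out the inventory step (1) against a fleet export, shown as an added example that is not part of the original page or any vendor tooling. The record fields `id`, `soc` and `android`, the status names and the sample inventory are assumptions constructed for illustration; the chipset and Android version lists are the ones given on this page.

```python
import re

# Chipsets and Android releases named as affected on this page.
AFFECTED_SOCS = {"SC9863A", "SC9832E", "SC7731E", "T610", "T310", "T606", "T760",
                 "T618", "T612", "T616", "T770", "T820", "S8000"}
AFFECTED_ANDROID = {10, 11, 12}

def listed_soc(raw):
    """Return the listed model found in a free-form SoC string, else None."""
    # Whole tokens only, so 'T6100' or 'MT6100' never match 'T610'.
    for tok in re.findall(r"\b[A-Z]+[0-9]+[A-Z]?\b", raw.upper()):
        if tok in AFFECTED_SOCS:
            return tok
    return None

def android_major(raw):
    """Parse '11', '12.0' or 'Android 10 (QP1A)' into a major version, else None."""
    m = re.match(r"\s*(?:android\s*)?(\d+)", raw, re.IGNORECASE)
    return int(m.group(1)) if m else None

def triage(device):
    """Classify one inventory record (hypothetical 'soc'/'android' fields)."""
    if listed_soc(device.get("soc", "")) is None:
        return "not-listed"
    if android_major(device.get("android", "")) in AFFECTED_ANDROID:
        return "affected"
    # Listed chipset, but OS version unknown or outside 10-12: review by hand.
    return "chipset-only"

# Constructed sample records, standing in for an MDM export.
SAMPLE_INVENTORY = [
    {"id": "dev-001", "soc": "Unisoc T610", "android": "11"},
    {"id": "dev-002", "soc": "Spreadtrum SC9863A", "android": "Android 10 (QP1A)"},
    {"id": "dev-003", "soc": "UNISOC T618", "android": "13"},
    {"id": "dev-004", "soc": "Example-SoC X100", "android": "12.0"},
    {"id": "dev-005", "soc": "unisoc sc7731e", "android": ""},
]

def triage_all(inventory):
    """Map each device id to its triage status."""
    return {d["id"]: triage(d) for d in inventory}

if __name__ == "__main__":
    for dev_id, status in triage_all(SAMPLE_INVENTORY).items():
        print(f"{dev_id}\t{status}")
```

Devices reported as `chipset-only` carry a listed chipset but an Android version that is missing or outside the releases named here, so they need a manual check rather than being treated as clear.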
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Poland, Netherlands, Belgium, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Unisoc
- Date Reserved: 2022-08-25T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0fb1484d88663aec5d8
Added to database: 5/20/2025, 6:59:07 PM
Last enriched: 7/6/2025, 10:25:11 AM
Last updated: 8/16/2025, 1:37:44 AM