CVE-2022-39125: CWE-400 Uncontrolled Resource Consumption in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
AI Analysis
Technical Summary
CVE-2022-39125 is a medium-severity vulnerability identified in several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, and multiple T-series models (T610, T310, T606, T760, T618, T612, T616, T770, T820, S8000). These chipsets are commonly integrated into Android devices running versions 10, 11, and 12.
The record classifies the issue as uncontrolled resource consumption (CWE-400) in the sensor driver component of the affected chipsets. Specifically, a missing bounds check in the sensor driver code can lead to an out-of-bounds write. The root cause is a lack of proper input validation in the sensor driver's handling of data, which a crafted local process or application can trigger. Exploitation is local, requires only low privileges, and needs no user interaction. Successful exploitation results in a denial of service (DoS) condition at the kernel level, crashing or destabilizing the device's operating system.
The CVSS v3.1 base score is 5.5 (medium), with a local attack vector (AV:L), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H) without affecting confidentiality or integrity. No known public exploits have been reported in the wild, and no patches are currently linked, indicating that mitigation may require vendor updates or device firmware upgrades.
Potential Impact
For European organizations, the impact of CVE-2022-39125 primarily concerns mobile devices and embedded systems utilizing Unisoc chipsets running Android 10 to 12. The denial of service at the kernel level can cause device crashes, leading to operational disruptions, especially in environments relying on mobile communications, field operations, or IoT devices with these chipsets. While the vulnerability does not affect data confidentiality or integrity, the availability impact can affect business continuity, particularly for sectors dependent on mobile workforce devices or embedded systems in critical infrastructure. The local attack vector and the requirement for low privileges limit remote exploitation risks but do not eliminate insider threat scenarios or risks from malicious applications installed on devices. Organizations with Bring Your Own Device (BYOD) policies or mobile device management (MDM) systems should be aware of this vulnerability to prevent potential denial of service incidents that could degrade user productivity or device reliability. Given the lack of known exploits, the immediate risk is moderate, but the vulnerability should be addressed proactively to avoid future exploitation.
Mitigation Recommendations
To mitigate CVE-2022-39125 effectively, European organizations should:
1) Identify and inventory devices using Unisoc chipsets listed in the vulnerability, focusing on Android 10-12 devices.
2) Monitor vendor communications from Unisoc and device manufacturers for firmware or driver updates addressing this vulnerability and apply patches promptly once available.
3) Employ strict application control policies to prevent installation of untrusted or potentially malicious applications that could exploit local vulnerabilities.
4) Utilize mobile device management (MDM) solutions to enforce security policies, restrict privilege escalation, and monitor device health for signs of instability or crashes.
5) Educate users on the risks of installing unverified applications and the importance of device updates.
6) For critical environments, consider network segmentation or limiting device access to sensitive systems to reduce the impact of potential denial of service conditions.
7) Engage with device vendors to request security updates or mitigations if no patches are currently available.
These steps go beyond generic advice by focusing on device inventory, vendor engagement, and operational controls tailored to the local attack vector and denial of service impact.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Poland, Netherlands, Belgium, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Unisoc
- Date Reserved: 2022-09-01T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0fb1484d88663aec93a
Added to database: 5/20/2025, 6:59:07 PM
Last enriched: 7/6/2025, 2:26:08 PM
Last updated: 8/18/2025, 2:04:08 AM