CVE-2022-22071
CISA KEVPublished December 5, 2023 · Updated April 3, 2026
high
Official Description+
Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.
Affected Products
| Vendor | Product |
|---|---|
| Qualcomm | Multiple Chipsets |
Patch Status
Patch by 2023-12-26
Recommended Actions
- Check if your systems use any of the affected products listed above.
- Apply vendor patches immediately if available.
- This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
- Monitor vendor advisories for updates and additional mitigations.
- Review logs for indicators of compromise related to CVE-2022-22071.