CVE-2023-33108

EPSS 0.06%
Published 02.01.2024 06:15:11
Last modified 11.08.2025 15:06:17
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Qam8255p Firmware Version-

Qualcomm ≫ Qam8255p Version-

Qualcomm ≫ Qam8295p Firmware Version-

Qualcomm ≫ Qam8295p Version-

Qualcomm ≫ Qam8650p Firmware Version-

Qualcomm ≫ Qam8650p Version-

Qualcomm ≫ Qam8775p Firmware Version-

Qualcomm ≫ Qam8775p Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6574 Firmware Version-

Qualcomm ≫ Qca6574 Version-

Qualcomm ≫ Qca6574a Firmware Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595 Firmware Version-

Qualcomm ≫ Qca6595 Version-

Qualcomm ≫ Qca6595au Firmware Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qca6698aq Firmware Version-

Qualcomm ≫ Qca6698aq Version-

Qualcomm ≫ Qca6797aq Firmware Version-

Qualcomm ≫ Qca6797aq Version-

Qualcomm ≫ Qcs7230 Firmware Version-

Qualcomm ≫ Qcs7230 Version-

Qualcomm ≫ Qcs8250 Firmware Version-

Qualcomm ≫ Qcs8250 Version-

Qualcomm ≫ Video Collaboration Vc5 Platform Firmware Version-

Qualcomm ≫ Video Collaboration Vc5 Platform Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sa8255p Firmware Version-

Qualcomm ≫ Sa8255p Version-

Qualcomm ≫ Sa8295p Firmware Version-

Qualcomm ≫ Sa8295p Version-

Qualcomm ≫ Sw5100 Firmware Version-

Qualcomm ≫ Sw5100 Version-

Qualcomm ≫ Sw5100p Firmware Version-

Qualcomm ≫ Sw5100p Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.188

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-33108

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-33108

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-33108

EUVD