7.8
CVE-2023-33110
- EPSS 0.09%
- Published 02.01.2024 06:15:11
- Last modified 21.11.2024 08:04:52
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Snapdragon 425 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 427 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 429 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 430 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 435 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 439 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 450 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 460 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 625 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 626 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 630 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 632 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 636 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 660 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 662 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 665 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 670 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 675 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 678 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 710 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 712 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 720g Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 730 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 730g Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 732g Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 782g Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 7c Compute Platform Firmware Version-
Qualcomm ≫ Snapdragon 7c+ Gen 3 Compute Firmware Version-
Qualcomm ≫ Snapdragon 820 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 821 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 845 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 855 Mobile Platform Firmware Version-
Qualcomm ≫ Snapdragon 8c Compute Platform Firmware Version-
Qualcomm ≫ Snapdragon 8c Compute Platform Firmware Version-
Qualcomm ≫ Snapdragon 8cx Compute Platform Firmware Version-
Qualcomm ≫ Snapdragon 8cx Compute Platform Firmware Version-
Qualcomm ≫ Snapdragon Ar2 Gen 1 Platform Firmware Version-
Qualcomm ≫ Snapdragon Auto 5g Modem-rf Firmware Version-
Qualcomm ≫ Snapdragon Wear 1300 Platform Firmware Version-
Qualcomm ≫ Snapdragon Wear 2100 Platform Firmware Version-
Qualcomm ≫ Snapdragon Wear 2500 Platform Firmware Version-
Qualcomm ≫ Snapdragon Wear 3100 Platform Firmware Version-
Qualcomm ≫ Snapdragon Wear 4100+ Platform Firmware Version-
Qualcomm ≫ Snapdragon X12 Lte Modem Firmware Version-
Qualcomm ≫ Snapdragon X24 Lte Modem Firmware Version-
Qualcomm ≫ Snapdragon X5 Lte Modem Firmware Version-
Qualcomm ≫ Snapdragon X70 Modem-rf System Firmware Version-
Qualcomm ≫ Snapdragon Xr1 Platform Firmware Version-
Qualcomm ≫ Snapdragon Xr2 5g Platform Firmware Version-
Qualcomm ≫ Snapdragon Xr2+ Gen 1 Platform Firmware Version-
Qualcomm ≫ Snapdragon Auto 4g Modem Firmware Version-
Qualcomm ≫ Ssg2115p Firmware Version-
Qualcomm ≫ Ssg2125p Firmware Version-
Qualcomm ≫ Sw5100 Firmware Version-
Qualcomm ≫ Sw5100p Firmware Version-
Qualcomm ≫ Sxr1120 Firmware Version-
Qualcomm ≫ Sxr1230p Firmware Version-
Qualcomm ≫ Sxr2130 Firmware Version-
Qualcomm ≫ Sxr2230p Firmware Version-
Qualcomm ≫ Wcd9306 Firmware Version-
Qualcomm ≫ Wcd9326 Firmware Version-
Qualcomm ≫ Wcd9330 Firmware Version-
Qualcomm ≫ Wcd9335 Firmware Version-
Qualcomm ≫ Wcd9340 Firmware Version-
Qualcomm ≫ Wcd9341 Firmware Version-
Qualcomm ≫ Wcd9360 Firmware Version-
Qualcomm ≫ Wcd9370 Firmware Version-
Qualcomm ≫ Wcd9371 Firmware Version-
Qualcomm ≫ Wcd9375 Firmware Version-
Qualcomm ≫ Wcd9380 Firmware Version-
Qualcomm ≫ Wcd9385 Firmware Version-
Qualcomm ≫ Wcn3610 Firmware Version-
Qualcomm ≫ Wcn3615 Firmware Version-
Qualcomm ≫ Wcn3620 Firmware Version-
Qualcomm ≫ Wcn3660 Firmware Version-
Qualcomm ≫ Wcn3660b Firmware Version-
Qualcomm ≫ Wcn3680 Firmware Version-
Qualcomm ≫ Wcn3680b Firmware Version-
Qualcomm ≫ Wcn3910 Firmware Version-
Qualcomm ≫ Wcn3950 Firmware Version-
Qualcomm ≫ Wcn3980 Firmware Version-
Qualcomm ≫ Wcn3988 Firmware Version-
Qualcomm ≫ Wcn3990 Firmware Version-
Qualcomm ≫ Wcn3999 Firmware Version-
Qualcomm ≫ Wcn6740 Firmware Version-
Qualcomm ≫ Wsa8810 Firmware Version-
Qualcomm ≫ Wsa8815 Firmware Version-
Qualcomm ≫ Wsa8830 Firmware Version-
Qualcomm ≫ Wsa8832 Firmware Version-
Qualcomm ≫ Wsa8835 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.255 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| product-security@qualcomm.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
CWE-823 Use of Out-of-range Pointer Offset
The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.