← back
CVE-2023-33107

Integer Overflow or Wraparound in Graphics Linux

CVSS 8.4 HIGHEPSS 0.9%● KEVCWE-190
In short

A flaw in Graphics Linux allows memory corruption when a program makes certain system calls to assign shared memory regions. An attacker could exploit this to crash the system or potentially run malicious code.

Technical detail

Integer overflow vulnerability in Graphics Linux IOCTL handler during shared virtual memory region assignment, allowing attackers to trigger out-of-bounds memory access. Requires local access and execution of crafted IOCTL call; impacts memory integrity and system stability.

Summary generated and translated by AI from the official description.
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Qualcomm, Inc. · Snapdragon

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-33107https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin