CVE-2023-33107

Confirmed PUBLISHED

Integer Overflow or Wraparound in Graphics Linux

Qualcomm, Inc. · Snapdragon
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
8.4 High

At a Glance

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

cisa linux
CVE Published
Dec 05, 2023
Exploitation Reported
Dec 05, 2023
CVSS
8.4 High
EPSS
Low complexity No user interaction Unauthenticated

Affected Versions

460 version rows · page 1 of 19

Vendor Product Version Status
qualcomm
315_5g_iot_modem_firmware

0 to <= *

Affected
qualcomm
apq8017_firmware

0 to <= *

Affected
qualcomm
apq8064au_firmware

0 to <= *

Affected
qualcomm
aqt1000_firmware

0 to <= *

Affected
qualcomm
ar8031_firmware

0 to <= *

Affected
qualcomm
ar8035_firmware

0 to <= *

Affected
qualcomm
c-v2x_9150_firmware

0 to <= *

Affected
qualcomm
csra6620_firmware

0 to <= *

Affected
qualcomm
csra6640_firmware

0 to <= *

Affected
qualcomm
csrb31024_firmware

0 to <= *

Affected
qualcomm
fastconnect_6200_firmware

0 to <= *

Affected
qualcomm
fastconnect_6700_firmware

0 to <= *

Affected
qualcomm
fastconnect_6800_firmware

0 to <= *

Affected
qualcomm
fastconnect_6900_firmware

0 to <= *

Affected
qualcomm
fastconnect_7800_firmware

0 to <= *

Affected
qualcomm
flight_rb5_5g_platform_firmware

0 to <= *

Affected
qualcomm
mdm9250_firmware

0 to <= *

Affected
qualcomm
mdm9650_firmware

0 to <= *

Affected
qualcomm
msm8108_firmware

0 to <= *

Affected
qualcomm
msm8209_firmware

0 to <= *

Affected
qualcomm
msm8608_firmware

0 to <= *

Affected
qualcomm
msm8909w_firmware

0 to <= *

Affected
qualcomm
msm8996au_firmware

0 to <= *

Affected
qualcomm
qam8255p_firmware

0 to <= *

Affected
qualcomm
qam8295p_firmware

0 to <= *

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.