CVE-2023-33107

Name of the Vulnerable Software and Affected Versions Qualcomm Multiple Chipsets (affected versions not specified)

Description The issue is related to memory corruption in Graphics Linux, specifically when assigning a shared virtual memory region during an IOCTL call. This is caused by an integer overflow vulnerability. Exploitation of this issue could allow an attacker to execute arbitrary code with elevated privileges. The vulnerability is associated with the gpuobj import ioctl call for a usermem address, where a very large input size can cause the region's 64-bit end address to wrap around.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.