PT-2023-8925 · Qualcomm · Qualcomm Chipsets

Published: 2023-09-08 · Updated: 2024-09-13 · CVE-2023-33106

CVSS v3.1: 8.4 (High)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Qualcomm chipsets (affected versions not specified)

Description

Memory corruption occurs when a large list of sync points is submitted in an AUX command to IOCTL_KGSL_GPU_AUX_COMMAND. This can potentially allow an attacker to execute arbitrary code with elevated privileges. The vulnerability is associated with a pointer offset outside the bounds of the allocated memory in Qualcomm's embedded software.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2024-02635
CVE-2023-33106

Affected Products

Qualcomm Chipsets