Security News > 2023 > December > Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks
2023-12-06 05:23

Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023. The vulnerabilities are as follows - CVE-2023-33063 (CVSS score: 7.8) - Memory corruption in DSP Services during a remote call from HLOS to DSP. CVE-2023-33106 (CVSS score: 8.4) - Memory corruption in


News URL

https://thehackernews.com/2023/12/qualcomm-releases-details-on-chip.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-33106 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
local
low complexity
qualcomm CWE-119
7.8
2023-12-05 CVE-2023-33063 Use After Free vulnerability in Qualcomm products
Memory corruption in DSP Services during a remote call from HLOS to DSP.
local
low complexity
qualcomm CWE-416
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qualcomm 2227 0 257 1169 514 1940