Cyber Resilience

CVE-2023-33106

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 05 December 2023

Modified: 28 October 2025
KEV Added: 05 December 2023
Patch
CVSS Score v3.1: 8.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0017 (38.0th percentile)
Risk Priority: 37 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-33106 is a high-severity Use of Out-of-range Pointer Offset (CWE-823) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 8.4 (High).

Operationally, it ranks at the 38.0th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-6 (Least Privilege).

Deeper analysis

CVE-2023-33106 is a memory corruption vulnerability in Qualcomm's KGSL GPU driver, triggered when an AUX command containing an excessively large list of sync points is submitted through the IOCTL_KGSL_GPU_AUX_COMMAND interface. The flaw maps to CWE-823 and CWE-119 and carries a CVSS 3.1 score of 8.4, reflecting local attack vector, low complexity, and no required privileges or user interaction.

A local attacker on an affected Qualcomm device can supply a maliciously crafted AUX command to corrupt kernel memory, resulting in arbitrary code execution or denial of service with full confidentiality, integrity, and availability impact on the GPU subsystem.

Qualcomm's December 2023 security bulletin addresses the issue with patches for impacted chipsets; the vulnerability is also catalogued in CISA's Known Exploited Vulnerabilities list, confirming in-the-wild exploitation. The current EPSS score of 0.0017 remains low and shows no material upward movement.

Vulnerability details

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

CWE(s)
KEV Date Added: 05 December 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

qualcomm · ar8035 firmware · all versions
qualcomm · csra6620 firmware · all versions
qualcomm · csra6640 firmware · all versions
qualcomm · fastconnect 6200 firmware · all versions
qualcomm · fastconnect 6700 firmware · all versions
qualcomm · fastconnect 6800 firmware · all versions
qualcomm · fastconnect 6900 firmware · all versions
qualcomm · fastconnect 7800 firmware · all versions
qualcomm · flight rb5 5g platform firmware · all versions
qualcomm · qam8255p firmware · all versions
+143 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

Prevent: Directly enforces validation of the size and structure of the sync-point list supplied to IOCTL_KGSL_GPU_AUX_COMMAND, blocking the oversized input that triggers memory corruption.

Prevent: Applies memory-protection mechanisms that can detect or block the corruption of kernel memory resulting from the malformed AUX command.

Prevent: Restricts which processes may open and submit commands to the KGSL GPU device, reducing the attack surface for an unprivileged local process.
