PULSE
LIVE18signals / 24h
FEED
ransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Services
← All CVEs
CVE Watch

CVE-2023-33106

Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability

CVSS

No CVSS

EPSS

0.9%

p54

KEV

YES

Dec 5, 2023

Exploit Today

66

0-100

Published: · Last modified:

EPSS · 30d
0.9%EPSS · 30 days0.9%
2026-06-302026-07-17
KEV catalog record

Product

Qualcomm / Multiple Chipsets

Vulnerability

Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability

Added to KEV

Dec 5, 2023

Remediate by

Dec 26, 2023

Known ransomware use

No

Summary description

Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

Required action

Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/1e46e81dbeb69aafd5842ce779f07e617680fd58; https://nvd.nist.gov/vuln/detail/CVE-2023-33106

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-1905
63.3%
KEV69Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2026-21385
61.0%
KEV68Qualcomm Multiple Chipsets Memory Corruption Vulnerability
CVE-2023-33107
55.4%
KEV67Qualcomm Multiple Chipsets Integer Overflow Vulnerability
CVE-2025-27038
53.5%
KEV66Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2025-21479
51.7%
KEV66Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
CVE-2023-33063
49.0%
KEV65Qualcomm Multiple Chipsets Use-After-Free Vulnerability