High | CISA KEV | Exploited in the wild | Public exploit

Memory corruption in Qualcomm KGSL GPU AUX command handling

Identifiers: CVE-2023-33106, CWE-119 · Improper Restriction of Operations…

CVE-2023-33106 is a memory corruption vulnerability in Qualcomm's KGSL GPU driver path associated with IOCTL_KGSL_GPU_AUX_COMMAND. According to the provided content, the flaw is triggered when a large list of sync points is submitted in an AUX command, leading to memory corruption. The available context also notes this CVE being used in an exploit chain with a Chrome renderer vulnerability, indicating the bug is reachable in practical attack scenarios involving graphics processing. Specific vulnerable functions, exact root cause details, and affected version ranges are not provided in the supplied content.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can corrupt memory in the Qualcomm GPU driver context, which may enable attacker-controlled code execution, privilege escalation, or system instability depending on how the corruption is shaped. The supplied content specifically places CVE-2023-33106 in an exploit chain with a Chrome renderer vulnerability, indicating it can be used as a post-compromise component to escape a less-privileged context and advance toward higher privileges on affected devices.

Mitigation

If you can’t patch tonight, do this now.

Until patches are deployed, reduce exposure by limiting execution of untrusted content that can reach the graphics stack, especially browser-rendered or GPU-accelerated content on affected devices. Where operationally feasible, restrict installation of untrusted applications and keep browsers and system components fully updated to reduce the likelihood of this CVE being reached as part of a multi-bug chain. Specific vendor-recommended mitigations are not provided in the supplied content.

Remediation

Patch, then assume compromise.

Apply Qualcomm and downstream OEM security updates that address CVE-2023-33106 in the KGSL/Adreno GPU driver stack. Because the provided content does not include a specific bulletin, patch version, or fixed build, the exact remediation details are currently not available from the supplied material. In practice, remediation depends on installing the vendor-provided firmware or OS update containing the driver fix.
PUBLIC EXPLOITS

Exploits

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

Vendor | Product | Type
Qualcomm | Ar8035 Firmware | operating_system
Qualcomm | Csra6620 Firmware | operating_system
Qualcomm | Csra6640 Firmware | operating_system
Qualcomm | Fastconnect 6200 Firmware | operating_system
Qualcomm | Fastconnect 6700 Firmware | operating_system
Qualcomm | Fastconnect 6800 Firmware | operating_system
Qualcomm | Fastconnect 6900 Firmware | operating_system
Qualcomm | Fastconnect 7800 Firmware | operating_system
Qualcomm | Flight Rb5 5g Platform Firmware | operating_system
Qualcomm | Qam8255p Firmware | operating_system
Qualcomm | Qam8295p Firmware | operating_system
Qualcomm | Qam8650p Firmware | operating_system
Qualcomm | Qam8775p Firmware | operating_system
Qualcomm | Qca6174a Firmware | operating_system
Qualcomm | Qca6391 Firmware | operating_system
Qualcomm | Qca6426 Firmware | operating_system
Qualcomm | Qca6436 Firmware | operating_system
Qualcomm | Qca6574 Firmware | operating_system
Qualcomm | Qca6574a Firmware | operating_system
Qualcomm | Qca6574au Firmware | operating_system
Qualcomm | Qca6595 Firmware | operating_system
Qualcomm | Qca6595au Firmware | operating_system
Qualcomm | Qca6696 Firmware | operating_system
Qualcomm | Qca6698aq Firmware | operating_system
Qualcomm | Qca6797aq Firmware | operating_system
Qualcomm | Qca8081 Firmware | operating_system
Qualcomm | Qca8337 Firmware | operating_system
Qualcomm | Qca9377 Firmware | operating_system
Qualcomm | Qcm2290 Firmware | operating_system
Qualcomm | Qcm4290 Firmware | operating_system
Qualcomm | Qcm4325 Firmware | operating_system
Qualcomm | Qcm4490 Firmware | operating_system
Qualcomm | Qcm5430 Firmware | operating_system
Qualcomm | Qcm6490 Firmware | operating_system
Qualcomm | Qcm8550 Firmware | operating_system
Qualcomm | Qcn6024 Firmware | operating_system
Qualcomm | Qcn9011 Firmware | operating_system
Qualcomm | Qcn9012 Firmware | operating_system
Qualcomm | Qcn9024 Firmware | operating_system
Qualcomm | Qcs2290 Firmware | operating_system
Qualcomm | Qcs410 Firmware | operating_system
Qualcomm | Qcs4290 Firmware | operating_system
Qualcomm | Qcs4490 Firmware | operating_system
Qualcomm | Qcs5430 Firmware | operating_system
Qualcomm | Qcs610 Firmware | operating_system
Qualcomm | Qcs6490 Firmware | operating_system
Qualcomm | Qcs7230 Firmware | operating_system
Qualcomm | Qcs8250 Firmware | operating_system
Qualcomm | Qcs8550 Firmware | operating_system
Qualcomm | Qrb5165m Firmware | operating_system
Qualcomm | Qrb5165n Firmware | operating_system
Qualcomm | Qualcomm 215 Mobile Platform Firmware | operating_system
Qualcomm | Qualcomm Video Collaboration Vc1 Platform Firmware | operating_system
Qualcomm | Qualcomm Video Collaboration Vc3 Platform Firmware | operating_system
Qualcomm | Qualcomm Video Collaboration Vc5 Platform Firmware | operating_system
Qualcomm | Robotics Rb5 Platform Firmware | operating_system
Qualcomm | Sa4150p Firmware | operating_system
Qualcomm | Sa4155p Firmware | operating_system
Qualcomm | Sa6145p Firmware | operating_system
Qualcomm | Sa6150p Firmware | operating_system
Qualcomm | Sa6155p Firmware | operating_system
Qualcomm | Sa8145p Firmware | operating_system
Qualcomm | Sa8150p Firmware | operating_system
Qualcomm | Sa8155p Firmware | operating_system
Qualcomm | Sa8195p Firmware | operating_system
Qualcomm | Sa8255p Firmware | operating_system
Qualcomm | Sa8295p Firmware | operating_system
Qualcomm | Sa8770p Firmware | operating_system
Qualcomm | Sa8775p Firmware | operating_system
Qualcomm | Sa9000p Firmware | operating_system
Qualcomm | Sd 8 Gen1 5g Firmware | operating_system
Qualcomm | Sd660 Firmware | operating_system
Qualcomm | Sd865 5g Firmware | operating_system
Qualcomm | Sd888 Firmware | operating_system
Qualcomm | Sg4150p Firmware | operating_system
Qualcomm | Sg8275p Firmware | operating_system
Qualcomm | Sm4125 Firmware | operating_system
Qualcomm | Sm7250p Firmware | operating_system
Qualcomm | Sm7315 Firmware | operating_system
Qualcomm | Sm7325p Firmware | operating_system
Qualcomm | Sm8550p Firmware | operating_system
Qualcomm | Smart Audio 400 Platform Firmware | operating_system
Qualcomm | Snapdragon 4 Gen 1 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 4 Gen 2 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 439 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 460 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 480 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 480+ 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 660 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 662 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 680 4g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 685 4g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 690 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 695 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 750g 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 765 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 765g 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 768g 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 778g 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 778g+ 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 780g 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 782g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 7c+ Gen 3 Compute Firmware | operating_system
Qualcomm | Snapdragon 8 Gen 1 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 8 Gen 2 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 8+ Gen 1 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 8+ Gen 2 Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 865 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 865+ 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 870 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 888 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon 888+ 5g Mobile Platform Firmware | operating_system
Qualcomm | Snapdragon Ar2 Gen 1 Platform Firmware | operating_system
Qualcomm | Snapdragon Auto 5g Modem-Rf Firmware | operating_system
Qualcomm | Snapdragon W5+ Gen 1 Wearable Platform Firmware | operating_system
Qualcomm | Snapdragon X12 Lte Modem Firmware | operating_system
Qualcomm | Snapdragon X55 5g Modem-Rf System Firmware | operating_system
Qualcomm | Snapdragon X65 5g Modem-Rf System Firmware | operating_system
Qualcomm | Snapdragon Xr2 5g Platform Firmware | operating_system
Qualcomm | Snapdragon Xr2+ Gen 1 Platform Firmware | operating_system
Qualcomm | Ssg2115p Firmware | operating_system
Qualcomm | Ssg2125p Firmware | operating_system
Qualcomm | Sw5100 Firmware | operating_system
Qualcomm | Sw5100p Firmware | operating_system
Qualcomm | Sxr1230p Firmware | operating_system
Qualcomm | Sxr2130 Firmware | operating_system
Qualcomm | Sxr2230p Firmware | operating_system
Qualcomm | Video Collaboration Vc1 Platform Firmware | operating_system
Qualcomm | Video Collaboration Vc3 Platform Firmware | operating_system
Qualcomm | Video Collaboration Vc5 Platform Firmware | operating_system
Qualcomm | Wcd9326 Firmware | operating_system
Qualcomm | Wcd9335 Firmware | operating_system
Qualcomm | Wcd9341 Firmware | operating_system
Qualcomm | Wcd9370 Firmware | operating_system
Qualcomm | Wcd9375 Firmware | operating_system
Qualcomm | Wcd9380 Firmware | operating_system
Qualcomm | Wcd9385 Firmware | operating_system
Qualcomm | Wcd9390 Firmware | operating_system
Qualcomm | Wcd9395 Firmware | operating_system
Qualcomm | Wcn3615 Firmware | operating_system
Qualcomm | Wcn3660b Firmware | operating_system
Qualcomm | Wcn3680b Firmware | operating_system
Qualcomm | Wcn3910 Firmware | operating_system
Qualcomm | Wcn3950 Firmware | operating_system
Qualcomm | Wcn3980 Firmware | operating_system
Qualcomm | Wcn3988 Firmware | operating_system
Qualcomm | Wcn3990 Firmware | operating_system
Qualcomm | Wcn6740 Firmware | operating_system
Qualcomm | Wsa8810 Firmware | operating_system
Qualcomm | Wsa8815 Firmware | operating_system
Qualcomm | Wsa8830 Firmware | operating_system
Qualcomm | Wsa8832 Firmware | operating_system
Qualcomm | Wsa8835 Firmware | operating_system
Qualcomm | Wsa8840 Firmware | operating_system
Qualcomm | Wsa8845 Firmware | operating_system
Qualcomm | Wsa8845h Firmware | operating_system

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
