CVE-2023-33110

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Jan 2, 2024
Updated: Apr 12, 2024
CWE ID 823
CWE ID 362

Summary

CVE-2023-33110 is a vulnerability affecting the PCM host voice audio driver. The session index variable is initialized before opening the PCM, and is accessed during an event callback from ADSP. If a race condition occurs between the event callback and the PCM close, the session index may be reset, leading to memory corruption. This issue could potentially be exploited by an attacker to execute arbitrary code or cause system instability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share