nvd-json-data-feeds/CVE-2023/CVE-2023-331xx/CVE-2023-33110.json

{
  "id": "CVE-2023-33110",
  "sourceIdentifier": "product-security@qualcomm.com",
  "published": "2024-01-02T06:15:11.570",
  "lastModified": "2024-01-02T13:47:24.843",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption."
    },
    {
      "lang": "es",
      "value": "La variable de \u00edndice de sesi\u00f3n en el controlador de audio de voz del host PCM que se inicializa antes de abrir el PCM, a la que se accede durante la devoluci\u00f3n de llamada de evento desde ADSP y se restablece durante el cierre de PCM puede provocar una condici\u00f3n de ejecuci\u00f3n entre la devoluci\u00f3n de llamada de evento, el cierre de PCM y el reinicio del \u00edndice de sesi\u00f3n, lo que provoca da\u00f1os en la memoria."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "product-security@qualcomm.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "references": [
    {
      "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin",
      "source": "product-security@qualcomm.com"
    }
  ]
}
Auto-Update: 2024-01-02T07:00:24.208807+00:00 2024-01-02 07:00:27 +00:00			`{`
			`"id": "CVE-2023-33110",`
			`"sourceIdentifier": "product-security@qualcomm.com",`
			`"published": "2024-01-02T06:15:11.570",`
Auto-Update: 2024-01-02T15:00:25.590479+00:00 2024-01-02 15:00:29 +00:00			`"lastModified": "2024-01-02T13:47:24.843",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2024-01-02T07:00:24.208807+00:00 2024-01-02 07:00:27 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption."`
Auto-Update: 2024-01-02T15:00:25.590479+00:00 2024-01-02 15:00:29 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "La variable de \u00edndice de sesi\u00f3n en el controlador de audio de voz del host PCM que se inicializa antes de abrir el PCM, a la que se accede durante la devoluci\u00f3n de llamada de evento desde ADSP y se restablece durante el cierre de PCM puede provocar una condici\u00f3n de ejecuci\u00f3n entre la devoluci\u00f3n de llamada de evento, el cierre de PCM y el reinicio del \u00edndice de sesi\u00f3n, lo que provoca da\u00f1os en la memoria."`
Auto-Update: 2024-01-02T07:00:24.208807+00:00 2024-01-02 07:00:27 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "product-security@qualcomm.com",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"references": [`
			`{`
			`"url": "https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin",`
			`"source": "product-security@qualcomm.com"`
			`}`
			`]`
			`}`