CVE-2023-33022

8.4 HIGH

📋 TL;DR

This vulnerability allows memory corruption in the High-Level Operating System (HLOS) when user-space applications make specific IOCTL calls to Qualcomm hardware components. Attackers could exploit this to execute arbitrary code with kernel privileges. Affected systems include devices using vulnerable Qualcomm chipsets.

💻 Affected Systems

Products:

• Qualcomm Snapdragon chipsets
• Devices using Qualcomm SoCs

Versions: Specific chipset versions listed in Qualcomm December 2023 bulletin

Operating Systems: Android, Linux-based systems using Qualcomm drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Requires user-space access to trigger the vulnerable IOCTL calls. Affects mobile devices, IoT devices, and embedded systems using vulnerable Qualcomm components.

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

View all CVEs affecting 315 5g Iot Modem Firmware →

Apq5053 Aa Firmware by Qualcomm

View all CVEs affecting Apq5053 Aa Firmware →

Aqt1000 Firmware by Qualcomm

View all CVEs affecting Aqt1000 Firmware →

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

Csra6620 Firmware by Qualcomm

View all CVEs affecting Csra6620 Firmware →

Csra6640 Firmware by Qualcomm

View all CVEs affecting Csra6640 Firmware →

Flight Rb5 5g Platform Firmware by Qualcomm

View all CVEs affecting Flight Rb5 5g Platform Firmware →

Qam8255p Firmware by Qualcomm

View all CVEs affecting Qam8255p Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qam8650p Firmware by Qualcomm

View all CVEs affecting Qam8650p Firmware →

Qam8775p Firmware by Qualcomm

View all CVEs affecting Qam8775p Firmware →

Qca6390 Firmware by Qualcomm

View all CVEs affecting Qca6390 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6420 Firmware by Qualcomm

View all CVEs affecting Qca6420 Firmware →

Qca6421 Firmware by Qualcomm

View all CVEs affecting Qca6421 Firmware →

Qca6426 Firmware by Qualcomm

View all CVEs affecting Qca6426 Firmware →

Qca6430 Firmware by Qualcomm

View all CVEs affecting Qca6430 Firmware →

Qca6431 Firmware by Qualcomm

View all CVEs affecting Qca6431 Firmware →

Qca6436 Firmware by Qualcomm

View all CVEs affecting Qca6436 Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6584au Firmware by Qualcomm

View all CVEs affecting Qca6584au Firmware →

Qca6595 Firmware by Qualcomm

View all CVEs affecting Qca6595 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca6797aq Firmware by Qualcomm

View all CVEs affecting Qca6797aq Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qcc710 Firmware by Qualcomm

View all CVEs affecting Qcc710 Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4290 Firmware by Qualcomm

View all CVEs affecting Qcm4290 Firmware →

Qcm4325 Firmware by Qualcomm

View all CVEs affecting Qcm4325 Firmware →

Qcm5430 Firmware by Qualcomm

View all CVEs affecting Qcm5430 Firmware →

Qcm6125 Firmware by Qualcomm

View all CVEs affecting Qcm6125 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcm8550 Firmware by Qualcomm

View all CVEs affecting Qcm8550 Firmware →

Qcn6024 Firmware by Qualcomm

View all CVEs affecting Qcn6024 Firmware →

Qcn6224 Firmware by Qualcomm

View all CVEs affecting Qcn6224 Firmware →

Qcn6274 Firmware by Qualcomm

View all CVEs affecting Qcn6274 Firmware →

Qcn7606 Firmware by Qualcomm

View all CVEs affecting Qcn7606 Firmware →

Qcn9024 Firmware by Qualcomm

View all CVEs affecting Qcn9024 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4290 Firmware by Qualcomm

View all CVEs affecting Qcs4290 Firmware →

Qcs5430 Firmware by Qualcomm

View all CVEs affecting Qcs5430 Firmware →

Qcs603 Firmware by Qualcomm

View all CVEs affecting Qcs603 Firmware →

Qcs605 Firmware by Qualcomm

View all CVEs affecting Qcs605 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs6125 Firmware by Qualcomm

View all CVEs affecting Qcs6125 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qcs8550 Firmware by Qualcomm

View all CVEs affecting Qcs8550 Firmware →

Qdu1000 Firmware by Qualcomm

View all CVEs affecting Qdu1000 Firmware →

Qdu1010 Firmware by Qualcomm

View all CVEs affecting Qdu1010 Firmware →

Qdu1110 Firmware by Qualcomm

View all CVEs affecting Qdu1110 Firmware →

Qdu1210 Firmware by Qualcomm

View all CVEs affecting Qdu1210 Firmware →

Qdx1010 Firmware by Qualcomm

View all CVEs affecting Qdx1010 Firmware →

Qdx1011 Firmware by Qualcomm

View all CVEs affecting Qdx1011 Firmware →

Qfw7114 Firmware by Qualcomm

View all CVEs affecting Qfw7114 Firmware →

Qfw7124 Firmware by Qualcomm

View all CVEs affecting Qfw7124 Firmware →

Qrb5165 Firmware by Qualcomm

View all CVEs affecting Qrb5165 Firmware →

Qrb5165m Firmware by Qualcomm

View all CVEs affecting Qrb5165m Firmware →

Qrb5165n Firmware by Qualcomm

View all CVEs affecting Qrb5165n Firmware →

Qru1032 Firmware by Qualcomm

View all CVEs affecting Qru1032 Firmware →

Qru1052 Firmware by Qualcomm

View all CVEs affecting Qru1052 Firmware →

Qru1062 Firmware by Qualcomm

View all CVEs affecting Qru1062 Firmware →

Qsm8250 Firmware by Qualcomm

View all CVEs affecting Qsm8250 Firmware →

Qsm8350 Firmware by Qualcomm

View all CVEs affecting Qsm8350 Firmware →

Sa4150p Firmware by Qualcomm

View all CVEs affecting Sa4150p Firmware →

Sa4155p Firmware by Qualcomm

View all CVEs affecting Sa4155p Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6150p Firmware by Qualcomm

View all CVEs affecting Sa6150p Firmware →

Sa6155 Firmware by Qualcomm

View all CVEs affecting Sa6155 Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8145p Firmware by Qualcomm

View all CVEs affecting Sa8145p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155 Firmware by Qualcomm

View all CVEs affecting Sa8155 Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8195p Firmware by Qualcomm

View all CVEs affecting Sa8195p Firmware →

Sa8255p Firmware by Qualcomm

View all CVEs affecting Sa8255p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sa8540p Firmware by Qualcomm

View all CVEs affecting Sa8540p Firmware →

Sa8770p Firmware by Qualcomm

View all CVEs affecting Sa8770p Firmware →

Sa8775p Firmware by Qualcomm

View all CVEs affecting Sa8775p Firmware →

Sa9000p Firmware by Qualcomm

View all CVEs affecting Sa9000p Firmware →

Sc7180 Ac Firmware by Qualcomm

View all CVEs affecting Sc7180 Ac Firmware →

Sc7180 Ad Firmware by Qualcomm

View all CVEs affecting Sc7180 Ad Firmware →

Sc8180x Aa Firmware by Qualcomm

View all CVEs affecting Sc8180x Aa Firmware →

Sc8180x Ab Firmware by Qualcomm

View all CVEs affecting Sc8180x Ab Firmware →

Sc8180x Ac Firmware by Qualcomm

View all CVEs affecting Sc8180x Ac Firmware →

Sc8180x Ad Firmware by Qualcomm

View all CVEs affecting Sc8180x Ad Firmware →

Sc8180x Af Firmware by Qualcomm

View all CVEs affecting Sc8180x Af Firmware →

Sc8180x\+sdx55 Firmware by Qualcomm

View all CVEs affecting Sc8180x\+sdx55 Firmware →

Sc8180xp Aa Firmware by Qualcomm

View all CVEs affecting Sc8180xp Aa Firmware →

Sc8180xp Ab Firmware by Qualcomm

View all CVEs affecting Sc8180xp Ab Firmware →

Sc8180xp Ac Firmware by Qualcomm

View all CVEs affecting Sc8180xp Ac Firmware →

Sc8180xp Ad Firmware by Qualcomm

View all CVEs affecting Sc8180xp Ad Firmware →

Sc8180xp Af Firmware by Qualcomm

View all CVEs affecting Sc8180xp Af Firmware →

Sc8280xp Ab Firmware by Qualcomm

View all CVEs affecting Sc8280xp Ab Firmware →

Sc8280xp Bb Firmware by Qualcomm

View all CVEs affecting Sc8280xp Bb Firmware →

Sc8380xp Firmware by Qualcomm

View all CVEs affecting Sc8380xp Firmware →

Sd 675 Firmware by Qualcomm

View all CVEs affecting Sd 675 Firmware →

Sd670 Firmware by Qualcomm

View all CVEs affecting Sd670 Firmware →

Sd675 Firmware by Qualcomm

View all CVEs affecting Sd675 Firmware →

Sd730 Firmware by Qualcomm

View all CVEs affecting Sd730 Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sdm670 Firmware by Qualcomm

View all CVEs affecting Sdm670 Firmware →

Sdm710 Firmware by Qualcomm

View all CVEs affecting Sdm710 Firmware →

Sdm712 Firmware by Qualcomm

View all CVEs affecting Sdm712 Firmware →

Sdx55 Firmware by Qualcomm

View all CVEs affecting Sdx55 Firmware →

Sg4150p Firmware by Qualcomm

View all CVEs affecting Sg4150p Firmware →

Sg8275p Firmware by Qualcomm

View all CVEs affecting Sg8275p Firmware →

Sm4125 Firmware by Qualcomm

View all CVEs affecting Sm4125 Firmware →

Sm4250 Aa Firmware by Qualcomm

View all CVEs affecting Sm4250 Aa Firmware →

Sm4350 Ac Firmware by Qualcomm

View all CVEs affecting Sm4350 Ac Firmware →

Sm4350 Firmware by Qualcomm

View all CVEs affecting Sm4350 Firmware →

Sm4375 Firmware by Qualcomm

View all CVEs affecting Sm4375 Firmware →

Sm6125 Firmware by Qualcomm

View all CVEs affecting Sm6125 Firmware →

Sm6150 Ac Firmware by Qualcomm

View all CVEs affecting Sm6150 Ac Firmware →

Sm6225 Ad Firmware by Qualcomm

View all CVEs affecting Sm6225 Ad Firmware →

Sm6225 Firmware by Qualcomm

View all CVEs affecting Sm6225 Firmware →

Sm6250 Firmware by Qualcomm

View all CVEs affecting Sm6250 Firmware →

Sm6250p Firmware by Qualcomm

View all CVEs affecting Sm6250p Firmware →

Sm6350 Firmware by Qualcomm

View all CVEs affecting Sm6350 Firmware →

Sm6375 Firmware by Qualcomm

View all CVEs affecting Sm6375 Firmware →

Sm7125 Firmware by Qualcomm

View all CVEs affecting Sm7125 Firmware →

Sm7150 Aa Firmware by Qualcomm

View all CVEs affecting Sm7150 Aa Firmware →

Sm7150 Ab Firmware by Qualcomm

View all CVEs affecting Sm7150 Ab Firmware →

Sm7150 Ac Firmware by Qualcomm

View all CVEs affecting Sm7150 Ac Firmware →

Sm7225 Firmware by Qualcomm

View all CVEs affecting Sm7225 Firmware →

Sm7250 Aa Firmware by Qualcomm

View all CVEs affecting Sm7250 Aa Firmware →

Sm7250 Ab Firmware by Qualcomm

View all CVEs affecting Sm7250 Ab Firmware →

Sm7250 Ac Firmware by Qualcomm

View all CVEs affecting Sm7250 Ac Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7325 Ae Firmware by Qualcomm

View all CVEs affecting Sm7325 Ae Firmware →

Sm7325 Af Firmware by Qualcomm

View all CVEs affecting Sm7325 Af Firmware →

Sm7325 Firmware by Qualcomm

View all CVEs affecting Sm7325 Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Sm7350 Ab Firmware by Qualcomm

View all CVEs affecting Sm7350 Ab Firmware →

Sm8150 Ac Firmware by Qualcomm

View all CVEs affecting Sm8150 Ac Firmware →

Sm8150 Firmware by Qualcomm

View all CVEs affecting Sm8150 Firmware →

Sm8250 Ab Firmware by Qualcomm

View all CVEs affecting Sm8250 Ab Firmware →

Sm8250 Ac Firmware by Qualcomm

View all CVEs affecting Sm8250 Ac Firmware →

Sm8250 Firmware by Qualcomm

View all CVEs affecting Sm8250 Firmware →

Sm8350 Ac Firmware by Qualcomm

View all CVEs affecting Sm8350 Ac Firmware →

Sm8350 Firmware by Qualcomm

View all CVEs affecting Sm8350 Firmware →

Sm8450 Firmware by Qualcomm

View all CVEs affecting Sm8450 Firmware →

Sm8550p Firmware by Qualcomm

View all CVEs affecting Sm8550p Firmware →

Snapdragon 662 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 662 Mobile Platform Firmware →

Snapdragon 675 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 675 Mobile Platform Firmware →

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Platform Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Gen 2 Firmware →

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →

Snapdragon X50 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →

Snapdragon X75 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X75 5g Modem Rf System Firmware →

Snapdragon Xr1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr1 Platform Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1120 Firmware by Qualcomm

View all CVEs affecting Sxr1120 Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2130 Firmware by Qualcomm

View all CVEs affecting Sxr2130 Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Video Collaboration Vc1 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc1 Platform Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Vision Intelligence 300 Platform Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 300 Platform Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9360 Firmware by Qualcomm

View all CVEs affecting Wcd9360 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9371 Firmware by Qualcomm

View all CVEs affecting Wcd9371 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcd9390 Firmware by Qualcomm

View all CVEs affecting Wcd9390 Firmware →

Wcd9395 Firmware by Qualcomm

View all CVEs affecting Wcd9395 Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn3991 Firmware by Qualcomm

View all CVEs affecting Wcn3991 Firmware →

Wcn3998 Firmware by Qualcomm

View all CVEs affecting Wcn3998 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wcn6750 Firmware by Qualcomm

View all CVEs affecting Wcn6750 Firmware →

Wcn685x 1 Firmware by Qualcomm

View all CVEs affecting Wcn685x 1 Firmware →

Wcn685x 5 Firmware by Qualcomm

View all CVEs affecting Wcn685x 5 Firmware →

Wcn785x 1 Firmware by Qualcomm

View all CVEs affecting Wcn785x 1 Firmware →

Wcn785x 5 Firmware by Qualcomm

View all CVEs affecting Wcn785x 5 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

Wsa8840 Firmware by Qualcomm

View all CVEs affecting Wsa8840 Firmware →

Wsa8845 Firmware by Qualcomm

View all CVEs affecting Wsa8845 Firmware →

Wsa8845h Firmware by Qualcomm

View all CVEs affecting Wsa8845h Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with kernel-level code execution, allowing attackers to install persistent malware, steal sensitive data, or brick devices.

🟠

Likely Case

Local privilege escalation from user to kernel mode, enabling attackers to bypass security controls and gain full system access.

🟢

If Mitigated

Limited impact if proper kernel hardening, SELinux/AppArmor policies, and least privilege principles are enforced.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user-space access and knowledge of specific IOCTL calls. No public exploit code available as of knowledge cutoff.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches included in Qualcomm December 2023 security bulletin

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates. 2. Apply Qualcomm-provided patches through OEM firmware updates. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict IOCTL access

linux

Implement SELinux/AppArmor policies to restrict user-space access to vulnerable IOCTL calls

Copy

# Requires custom SELinux policy development
# Example: audit2allow to create policy from denied IOCTL attempts

Disable unnecessary kernel modules

linux

Remove or blacklist vulnerable Qualcomm kernel modules if not required

Copy

modprobe -r <vulnerable_module>
echo 'blacklist <vulnerable_module>' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

• Implement strict application sandboxing to limit user-space access to kernel interfaces
• Deploy kernel hardening measures like KASLR, stack canaries, and SMAP/SMEP

🔍 How to Verify

Check if Vulnerable:

Copy

Check device chipset version and compare against Qualcomm's affected list. Review kernel logs for IOCTL-related warnings.

Check Version:

Copy

cat /proc/cpuinfo | grep -i qualcomm && getprop ro.build.version.security_patch

Verify Fix Applied:

Copy

Verify security patch level includes December 2023 Qualcomm updates. Check kernel version and module signatures.

📡 Detection & Monitoring

Log Indicators:

• Kernel logs showing unusual IOCTL calls
• SELinux/AppArmor denials for kernel module access
• Unexpected privilege escalation attempts

Network Indicators:

• None - this is a local vulnerability

SIEM Query:

Copy

source="kernel" AND ("ioctl" OR "privilege escalation") AND dest="kernel"

📊 Metadata

CVE ID: CVE-2023-33022

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-680

Published: December 5, 2023

Last Updated: August 11, 2025

🔗 References

• https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin Vendor Advisory
• https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-33022, you might also want to check these:

CVE-2020-13576 9.8

A remote code execution vulnerability exists in the WS-Addressing plugin of Genivia gSOAP 2.8.107. A...

Same vulnerability type (CWE-680)

CVE-2021-21783 9.8

This vulnerability allows remote code execution in Genivia gSOAP's WS-Addressing plugin. Attackers c...

Same vulnerability type (CWE-680)

CVE-2024-33078 9.8

CVE-2024-33078 is a critical buffer overflow vulnerability in Tencent Libpag v4.3 that allows remote...

Same vulnerability type (CWE-680)