CVE-2023-33110 [High] | Security Vulnerability in Snapdragon 425 Mobile Pla…

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-11-21	0.03%	0.08%	+0.05%
2	2025-11-18	0.08%	0.03%	-0.05%
3	2025-04-15	—	0.08%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-11-21

0.03%

0.08%

+0.05%

2025-11-18

0.08%

0.03%

-0.05%

2025-04-15

—

0.08%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.8	3.1	HIGH	`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:L) A normal user session is enough; they don’t have to be admin. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	1.8	5.9	[email protected]
7.0	3.1	HIGH	`CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:H) Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work. Privileges required (PR:L) A normal user session is enough; they don’t have to be admin. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	1.0	5.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

7.8

3.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

1.8

5.9

[email protected]

7.0

3.1

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:H): Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

1.0

5.9

[email protected]

Affected software / configurations for CVE-2023-33110

References for CVE-2023-33110

URL	Tags
https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin	Vendor Advisory

URL

CVE-2023-33110 | Use of Out-of-range Pointer Offset in Audio

Exploit prediction scoring system (EPSS) score for CVE-2023-33110

Common vulnerability scoring system (CVSS) metrics for CVE-2023-33110

Weakness enumeration for CVE-2023-33110

Affected software / configurations for CVE-2023-33110

References for CVE-2023-33110

Vendor	Product	Version	Raw CPE
qualcomm	snapdragon_425_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_425_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_427_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_427_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_429_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_430_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_430_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_435_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_435_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_439_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_439_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_450_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_450_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_460_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_480_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_480\+_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_480\+_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_625_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_625_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_626_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_626_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_630_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_632_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_632_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_636_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_660_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_662_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_665_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_670_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_675_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_678_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_678_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_680_4g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_685_4g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_690_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_695_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_710_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_712_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_712_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_720g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_730_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_730_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_730g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_730g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_732g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_732g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_750g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_765_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_765g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_768g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_778g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_778g\+_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_778g\+_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_780g_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_782g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_7c_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_7c_gen_2_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_7c\+_gen_3_compute_firmware	—	cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:::::::*
qualcomm	snapdragon_8_gen_1_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_8\+_gen_1_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8\+_gen_1_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_820_automotive_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_820_automotive_platform_firmware:-:::::::*
qualcomm	snapdragon_820_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_820_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_821_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_821_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_835_mobile_pc_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:::::::*
qualcomm	snapdragon_845_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_850_mobile_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_855_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_855\+\/860_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_855\+\/860_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_865_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_865\+_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_865\+_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_870_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_888_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_888\+_5g_mobile_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_888\+_5g_mobile_platform_firmware:-:::::::*
qualcomm	snapdragon_8c_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_8cx_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_8cx_gen_2_5g_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_8cx_gen_3_compute_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-:::::::*
qualcomm	snapdragon_ar2_gen_1_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:::::::*
qualcomm	snapdragon_auto_5g_modem-rf_firmware	—	cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:::::::*
qualcomm	snapdragon_w5\+_gen_1_wearable_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_w5\+_gen_1_wearable_platform_firmware:-:::::::*
qualcomm	snapdragon_wear_1300_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:::::::*
qualcomm	snapdragon_wear_2100_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_wear_2100_platform_firmware:-:::::::*
qualcomm	snapdragon_wear_2500_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_wear_2500_platform_firmware:-:::::::*
qualcomm	snapdragon_wear_3100_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_wear_3100_platform_firmware:-:::::::*
qualcomm	snapdragon_wear_4100\+_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_wear_4100\+_platform_firmware:-:::::::*
qualcomm	snapdragon_x12_lte_modem_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x12_lte_modem_firmware:-:::::::*
qualcomm	snapdragon_x24_lte_modem_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x24_lte_modem_firmware:-:::::::*
qualcomm	snapdragon_x5_lte_modem_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:::::::*
qualcomm	snapdragon_x50_5g_modem-rf_system_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:::::::*
qualcomm	snapdragon_x55_5g_modem-rf_system_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:::::::*
qualcomm	snapdragon_x65_5g_modem-rf_system_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:::::::*
qualcomm	snapdragon_x70_modem-rf_system_firmware	—	cpe:2.3:o:qualcomm:snapdragon_x70_modem-rf_system_firmware:-:::::::*
qualcomm	snapdragon_xr1_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:::::::*
qualcomm	snapdragon_xr2_5g_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:::::::*
qualcomm	snapdragon_xr2\+_gen_1_platform_firmware	—	cpe:2.3:o:qualcomm:snapdragon_xr2\+_gen_1_platform_firmware:-:::::::*
qualcomm	snapdragon_auto_4g_modem_firmware	—	cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:::::::*