Qam8295p Firmware
CVE-2023-33039
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in Automotive Display while destroying the image handle created using connected display driver.
AnalysisAI
Memory corruption in Automotive Display while destroying the image handle created using connected display driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Memory corruption in Automotive Display while destroying the image handle created using connected display driver. Affected products include: Qualcomm Qam8295P Firmware, Qualcomm Qam8650P Firmware, Qualcomm Qamsrv1H Firmware, Qualcomm Qca6574A Firmware, Qualcomm Qca6574Au Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
More in Qam8295p Firmware
View allA Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. Rated high severity (CVSS 8.8), this vuln
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today