CVE-2024-33036

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-823
View all →

Vulnerability Description

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.

Related Vulnerabilities

CVE-2022-33246

MEDIUM
CVSS:6.7(Medium)

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

CWE-8232022

CVE-2024-23377

MEDIUM
CVSS:6.7(Medium)

Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.

CWE-8232024

CVE-2024-52937

MEDIUM
CVSS:6.7(Medium)

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

CWE-8232024

CVE-2022-1420

MEDIUM
CVSS:6.8(Medium)

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

CWE-8232022

CVE-2023-2426

MEDIUM
CVSS:6.8(Medium)

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.

CWE-8232023

CVE-2021-1352

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an ...

CWE-8232021