Qualcomm has just released security patches for three zero-day vulnerabilities in the Adreno GPU driver. This processor is found in the SoC of dozens of Snapdragon chipsets for Android devices, including smartphones from popular brands such as Samsung, Google, Xiaomi, and OnePlus. The affected chips include both SoCs and components dedicated to wireless connectivity (Wi-Fi, Bluetooth, 5G, etc.) or audio. Chips dedicated to AI, virtual reality, and augmented reality are also affected.
Two of the three vulnerabilities allow an attacker to execute unauthorized commands, which can corrupt memory. Ultimately, the hacker can take control of the device remotely. The third breach occurs when Chrome displays graphicsusing the Adreno GPU drivers. The system sometimes frees a chunk of memory, but continues to use it afterward. This malfunction can be exploited by an attacker to execute malicious code.
A trio of flaws already exploited
The American company indicates that the flaws have been actively exploited as part of cyberattacks. As Qualcomm explains, Google researchers were able to determine that the trio of vulnerabilities "can be subject to limited and targeted exploitation". They are in fact considered zero-day. This is a vulnerability that is either made public or already exploited by hackers before an official patch is available.
Two critical flaws were discovered by Google in January. The third was identified a few weeks later, in March, and is considered highly serious by experts. It is currently unknown under what circumstances the flaws were exploited.
A "strong recommendation"
To protect users, Qualcomm has made available to manufacturers "patches for issues affecting the Adreno Graphics Processing Unit (GPU) driver." The group accompanied the patches with a "strong recommendation" to include the patches "on affected devices as soon as possible.". Everything now depends on the responsiveness of Android device manufacturers.
A few months earlier, Qualcomm had already patched six zero-day vulnerabilities in its chips. These allowed the NoviSpy spyware virus to spread on Android smartphones. The flaws were primarily used by Serbian police to spy on journalists and activists.
Source: Qualcomm
0 Comments