Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,491
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.

The American semiconductor company was told by Google's Threat Analysis Group (TAG) and Project Zero teams that CVE-2023-33106, CVE-2023-33107, CVE-2022-22071, and CVE-2023-33063 may be under limited, targeted exploitation.
This month's security bulletin also warns of three other critical vulnerabilities:
  • CVE-2023-24855: Memory corruption in Qualcomm’s Modem component occurring when processing security-related configurations before the AS Security Exchange. (CVSS v3.1: 9.8)
  • CVE-2023-28540: Cryptographic issue in the Data Modem component arising from improper authentication during the TLS handshake. (CVSS v3.1: 9.1)
  • CVE-2023-33028: Memory corruption in the WLAN firmware occurring while copying the pmk cache memory without performing size checks. (CVSS v3.1: 9.8)
Along with the above, Qualcomm has disclosed 13 high-severity flaws and another three critical-severity vulnerabilities discovered by its engineers.

As the CVE-2023-24855, CVE-2023-2854, and CVE-2023-33028 flaws are all remotely exploitable, they are critical from a security standpoint, but there is no indication they are exploited.
Unfortunately, there isn't a lot impacted consumers can do besides applying the available updates as soon as those reach them through the usual OEM channels.

Flaws in drivers usually require local access to exploit, typically achieved through malware infections, so Android device owners are recommended to limit the number of apps they download and only source them from trustworthy repositories.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top