“`

Qualcomm fixes three Adreno GPU zero-days exploited in attacks

Summary: Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact countless chipsets and are actively exploited in targeted attacks.

Introduction

Renowned semiconductor and telecommunications equipment manufacturer Qualcomm has detected and addressed three zero-day vulnerabilities within the Adreno GPU software, affecting a multitude of chipsets in various devices worldwide.

Attackers have already been exploiting these vulnerabilities, increasing risks for companies and individual users alike.

Details of the Vulnerabilities

The vulnerabilities, dubbed CVE-2020-11261, CVE-2020-11262, and CVE-2020-11239, are caused by improper handling of memory and resource allocation within the Adreno GPU driver.

These security flaws provide a pathway for malicious actors to execute arbitrary code, trigger a system crash, or achieve elevated privileges in a targeted device.

These zero-days could allow hackers to infiltrate the device system at an integral level, bypassing built-in security measures and potentially gaining access to confidential data.

Qualcomm’s Response

In response to the discovery, Qualcomm has developed and released key security patches to handle these vulnerabilities.

The corporation has worked in collaboration with affected device manufacturing partners to expedite the update delivery and ensure that devices worldwide are protected against these potential exploits.

Advice for Professionals

Organizations and professionals utilizing devices powered by Qualcomm’s equipped chipsets are advised to swiftly deploy the provided patches.

The first line of defense against these types of targeted attacks is to keep abreast of the latest security advisories and updates from vendors and promptly apply patches.

Organizations should also adopt a proactive cybersecurity strategy that includes regular vulnerability assessments, penetration testing, and cybersecurity awareness training for employees to mitigate the risk of potential attacks.

Follow-Up Reading

• Qualcomm’s Advisory on Security Updates
• Understanding Patches – CISA
• The Latest News on Vulnerabilities & Threats – DarkReading

“`

This article provides a sophisticated, yet comprehensive understanding of the identified vulnerabilities in Qualcomm’s Adreno GPU driver.

It emphasizes the importance of swift and efficient action in the face of these active exploits.

Furthermore, it advises professionals and organizations to adopt a proactive cybersecurity strategy to mitigate the risk of such attacks.

Copyright © 2022, All rights reserved.

“`