
Latest news with #CVE-2025-21479

Android chipmaker Qualcomm fixes three zero-days exploited by hackers

Yahoo

3 days ago


Chipmaker giant Qualcomm released patches on Monday fixing a series of vulnerabilities in dozens of chips, including three zero-days that the company said may be in use as part of hacking campaigns.

Qualcomm cited Google's Threat Analysis Group, or TAG, which investigates government-backed cyberattacks, saying the three flaws 'may be under limited, targeted exploitation.'

According to the company's bulletin, Google's Android security team reported the three zero-days (CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038) to Qualcomm in February.

Zero-days are security vulnerabilities that are not known to the software or hardware maker at the time of their discovery, making them extremely valuable for cybercriminals and government hackers.

Because of Android's open source and distributed nature, it's now up to device manufacturers to apply the patches provided by Qualcomm, which means some devices may still be vulnerable for several more weeks, despite the fact that there are patches available.

Do you have more information about these Qualcomm zero-days? Or other zero-day exploits or zero-day makers? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.

Qualcomm said in the bulletin that the patches 'have been made available to [device makers] in May together with a strong recommendation to deploy the update on affected devices as soon as possible.'

Google spokesperson Ed Fernandez told TechCrunch that the company's Pixel devices are not affected by these Qualcomm vulnerabilities.

Kimberly Samra, a spokesperson for Google's TAG, did not immediately provide more information about these vulnerabilities, and the circumstances in which TAG found them.

Qualcomm acknowledged the fixes. "We encourage end users to apply security updates as they become available from device makers," said company spokesperson Dave Schefcik.

Chipsets found in mobile devices are frequent targets for hackers and zero-day exploit developers because chips generally have wide access to the rest of the operating system, which means hackers can jump from there to other parts of the device that may hold sensitive data.

In the last few months, there have been documented cases of exploitation against Qualcomm chipsets. Last year, Amnesty International identified a Qualcomm zero-day that was being used by Serbian authorities, likely by using phone unlocking tool maker Cellebrite.

Updated to include Qualcomm's spokesperson comment.

Qualcomm fixes multiple zero-day chip flaws after Google warns of active exploits by hackers

India Today

3 days ago


Chipmaker Qualcomm has rolled out security patches to fix three serious zero-day vulnerabilities affecting its Adreno GPU (graphics processing unit) driver, after Google warned that hackers were actively exploiting these flaws in targeted attacks.

The issues came to light after Google's Threat Analysis Group (TAG) shared evidence that the vulnerabilities, tracked as CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038, were being used in the wild. These flaws affect dozens of chipsets and could allow attackers to gain control of a device or install […] are indications from Google Threat Analysis Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 may be under limited, targeted exploitation,' Qualcomm said in a security advisory on […] first two vulnerabilities, CVE-2025-21479 and CVE-2025-21480, were reported to Qualcomm in January by Google's Android Security team. These issues are related to incorrect authorisation in the GPU's graphics framework, which can lead to memory corruption.

The third flaw, CVE-2025-27038, was reported in March and is described as a use-after-free bug, a type of memory corruption that happens when a program continues to use memory after it has been freed. The third vulnerability is believed to be connected to the rendering process in Chrome when using Adreno GPU […] said it provided patches for all three vulnerabilities to original equipment manufacturers (OEMs) in May.

The company says that the patches for the issues affecting the Adreno Graphics Processing Unit (GPU) driver have been made available to OEMs in May together with a strong recommendation to deploy the update on affected devices as soon as […] the specific devices affected were not listed, Qualcomm advised users to contact their device makers for patch information.

'We encourage end users to apply security updates as they become available from device makers,' Qualcomm spokesperson Dave Schefcik said in a […] also confirmed that its Pixel line of smartphones was not affected by these vulnerabilities, a Google spokesperson told […] situation is more serious for some Android users, as Google's TAG team also discovered signs of spyware being used alongside these flaws.

According to a report from Bleeping Computer, TAG found evidence that attackers used these vulnerabilities to install spyware called NoviSpy, which can bypass Android's built-in security and gain deep access to a […] spyware was reportedly installed using a full exploit chain, which involves combining multiple bugs to bypass protections and gain control of the device at the kernel level, which is the deepest layer of the operating […] discovery adds to growing concerns about how sophisticated threat actors are finding ways to exploit hardware and software vulnerabilities for targeted […] the fixes now available, Qualcomm and Google are urging phone makers to push the patches to users as soon as possible to prevent further misuse of these security holes.

Users, in turn, are advised to keep their devices updated and stay alert for software updates issued by their phone manufacturers.
