Qualcomm has released almost two dozen patches for different products, fixing, among other things, a vulnerability most likely being exploited by state-sponsored attackers.
The company’s security advisory detailed 20 patches for vulnerabilities affecting different chipsets, including CVE-2024-43047, a high-severity (7.8 score) bug described as “memory corruption while maintaining memory maps of HLOS memory.”
The bug was said to be affecting Snapdragon 660 and above, 5G modems, and FastConnect 6700, 6800, 6900, and 7800 Wi-Fi/Bluetooth kits.
Multiple devices affected
Qualcomm stressed this bug had already been mentioned by Google’s Threat Analysis Group (TAG), the company’s security arm that usually analyzes zero-day vulnerabilities exploited by nation-states and other state-sponsored actors.
“There are indications from Google Threat Analysis Group that CVE-2024-43047 may be under limited, targeted exploitation,” the advisory reads. “Patches for the issue affecting the FASTRPC driver have been made available to OEMs together with a strong recommendation to deploy the update on affected devices as soon as possible.”
Another notable mention from the batch is the patch for CVE-2024-33066, a vulnerability described as “memory corruption while redirecting log file to any file location with any file name.” It carries a severity score of 9.8 and is deemed critical. However, there is no evidence of abuse in the wild just yet.
Being a major chip manufacturer, Qualcomm is often the target of cybercriminals. Roughly a year ago, Qualcomm found multiple flaws in the Ardeno GPU and Compute DSP drivers (again, after being tipped off by Google’s TAG), which were used in “limited, targeted exploitation”. In that case, as well, it was said that the vulnerabilities were most likely abused by state-sponsored actors in espionage and data exfiltration attacks.
In both cases, Qualcomm urged its customers to apply the available patches as soon as possible.
Via The Register