4 October 2023

Qualcomm, ARM warn of zero-day vulnerabilities in GPUs, drivers


Qualcomm, ARM warn of zero-day vulnerabilities in GPUs, drivers

US semiconductor company Qualcomm has warned about the active exploitation of three zero-day vulnerabilities in its Adreno GPU and Compute DSP drivers.

Tracked as CVE-2023-33106, CVE-2023-33107, and CVE-2023-33063, the three zero-days have been described as an input validation issue that could be used by a local app to elevate privileges. The vendor said it will provide more detailed information on the flaws at a later date.

The fourth vulnerability said to have been exploited by hackers is CVE-2022-22071, a use-after-free error in the Automotive Android OS that can lead to arbitrary code execution with elevated privileges.

The flaws were brought to Qualcomm's attention by Google's Threat Analysis Group (TAG) and Project Zero teams who suggested that they “may be under limited, targeted exploitation.”

Qualcomm’s disclosure comes on the heels of Arm’s security advisory about a zero-day flaw in the Mali GPU Kernel Driver actively exploited in the wild.

Tracked as CVE-2023-4211, the bug is a use-after-free error within Mali GPU Kernel Driver that can be used by a local application to execute arbitrary code with elevated privileges. The issue affects the following releases:

  • Midgard GPU Kernel Driver: All versions from r12p0 - r32p0

  • Bifrost GPU Kernel Driver: All versions from r0p0 - r42p0

  • Valhall GPU Kernel Driver: All versions from r19p0 - r42p0

  • Arm 5th Gen GPU Architecture Kernel Driver: All versions from r41p0 - r42p0

As in the above case, the vulnerability was discovered by Google’s TAG and Project Zero teams. The issue was fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r43p0.

In addition, Google released its monthly Android bulletin addressing multiple bugs, including CVE-2023-4863, a heap-based buffer overflow issue impacting the WebP image format in the Chrome web browser that was addressed last month.

Users are advised to apply updates from original equipment manufacturers (OEMs) as soon as they become available.


Back to the list

Latest Posts

Cybersecurity Week in Review: January 24, 2025

Cybersecurity Week in Review: January 24, 2025

In brief: SonicWall SMA zero-day exploited in attacks, hackers are exploiting older Ivanti flaws, and more.
24 January 2025
AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

The attacks have been active since June 2024.
23 January 2025
SonicWall SMA zero-day exploited in attacks

SonicWall SMA zero-day exploited in attacks

SonicWall has released a patch in version 12.4.3-02854 and higher versions to address the issue.
23 January 2025