Security News > 2023 > October > Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
2023-10-03 16:37
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity. "There are indications from Google Threat Analysis Group and Google Project Zero that CVE-2023-33106, CVE-2023-33107,
News URL
https://thehackernews.com/2023/10/qualcomm-releases-patch-for-3-new-zero.html
Related news
- Qualcomm zero-day under targeted exploitation (CVE-2024-43047) (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Qualcomm urges device makers to push patches after 'targeted' exploitation (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-33107 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. | 7.8 |
| 2023-12-05 | CVE-2023-33106 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | 7.8 |