Security News > 2023 > October > Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.
Qualcomm says it has released security updates that address the issues in its Adreno GPU and Compute DSP drivers, and impacted OEMs were also notified.
"Patches for the issues affecting Adreno GPU and Compute DSP drivers have been made available, and OEMs have been notified with a strong recommendation to deploy security updates as soon as possible" - Qualcomm.
The CVE-2022-22071 flaw was disclosed in May 2022 and is a high-severity locally exploitable use after free bug impacting popular chips like the SD855, SD865 5G, and SD888 5G. Qualcomm has not released any details on the actively exploited CVE-2023-33106, CVE-2022-22071, and CVE-2023-33063 flaws and will provide more information in its December 2023 bulletin.
Yesterday, Arm issued a similar security advisory warning about an actively exploited flaw (CVE-2023-4211 discovered and reported to them by Google's Threat Analysis Group and Project Zero, which impacts a wide range of Mali GPU drivers.
Arm warns of Mali GPU flaws likely exploited in targeted attacks.
News URL
Related news
- ⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! (source)
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-33106 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | 7.8 |
| 2023-12-05 | CVE-2023-33063 | Use After Free vulnerability in Qualcomm products Memory corruption in DSP Services during a remote call from HLOS to DSP. | 7.8 |
| 2023-10-01 | CVE-2023-4211 | Use After Free vulnerability in ARM products A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 5.5 |
| 2022-06-14 | CVE-2022-22071 | Use After Free vulnerability in Qualcomm products Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 7.8 |