Three Adreno GPU Zero Days In The Wild, Keep An Eye Out For Updates On Your Android
Snappy Patch Releases Needed For Snapdragon
Qualcomm have released three patches for the Adreno GPU found it a vast amount of Android devices; not every Android phone has a Snapdragon GPU but most do so you will need to keep an eye out for updates. The first two patches address a zero-day discovered back in January and can lead to memory corruption thanks to unauthorized command executions on the GPU. This is more likely to cause crashes or errors than grant an attacker access to your device, but you can’t rule the latter out. The third is somewhat more recent, it was reported in March, which is a use-after-free causing memory corruption in Chrome. This again is more likely to upset your browser than to allow unauthorized access, but we’ve certainly seen use-after-free leveraged in that way.
The patches were released to OEMs and is unfortunately a perfect example of the fractured nature of the Android ecosystem. While Samsung, OnePlus and Xiaomi have the patch in hand, their users do not. The patches will be filtered through the OEM’s systems and should be released to users, but for many they will not see anything until the next large update to Android. Keep an eye out for updates and make sure to install them the moment you can.
Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks.
More Tech News From Around The Web
- The Hottest New Vibe Coding Startup May Be a Sitting Duck For Hackers @ Slashdot
- Microsoft ships emergency patch to fix Windows 11 startup failures @ Bleeping Computer
- Exploit details for max severity Cisco IOS XE flaw now public @ Bleeping Computer
- Hot Chips 2025 Preliminary Schedule Released @ ServeTheHome
- The House of Zen joins the co-packaged optics race with Enosemi buy @ The Register
- Intel Wins Jury Trial Over Patent Licenses In $3 Billion VLSI Fight @ Slashdot
- Billions of cookies up for grabs as experts warn over session security @ The Register
- How Stack Overflow’s Reputation System Led To Its Own Downfall @ Slashdot
- Business Insider Recommended Nonexistent Books To Staff As It Leans Into AI @ Slashdot
- Aussie businesses now have to fess up when they pay off ransomware crims @ The Register
- Apple has only 30 days to comply with EU DMA rules @ The Register
- Ransomware kingpin “Stern” apparently IDed by German law enforcement @ Ars Technica
- Breaking down why Apple TVs are privacy advocates’ go-to streaming device @ Ars Technica
- What Use Is An Original Raspberry Pi? @ Hackaday
- The Gmail app will now create AI summaries whether you want them or not @ Ars Technica
- Logitech MX Brio 4K Ultra HD Webcam Review @ NikKTech
- DJI Home App Instructions and Video Tutorial @ OCInside
