Qualcomm has patched a number of safety flaws found in its merchandise, together with three zero-day vulnerabilities. The US chipmaker just lately introduced that these flaws may need been exploited by hackers to focus on affected gadgets. Customers should watch for system producers to roll out Qualcomm’s patches for the vulnerabilities that influence the Adreno graphics processing unit (GPU) driver on affected gadgets. Google Pixel gadgets which are geared up with the corporate’s personal Tensor chips, are reportedly unaffected by the safety flaws.
Qualcomm Says Hackers Might Have Exploited Zero-Day Flaws
A safety bulletin revealed on Monday reveals that Qualcomm has patched 10 proprietary software issues. The corporate has assigned two of those flaws a ‘Vital’ safety ranking, whereas the others are marked as ‘Excessive’. These points are linked to graphics, core, the information community stack and connectivity, Wi-Fi {hardware} abstraction layer (HAL), and the Bluetooth host.
Out of the ten safety vulnerabilities patched by Qualcomm, the chipmaker has revealed that three zero-days (beforehand unknown flaws) could have been exploited by hackers in a focused marketing campaign. These are CVE-2025-21479 (Incorrect authorisation in graphics), CVE-2025-21480 (Incorrect authorisation in graphics home windows), CVE-2025-27038 (Use after free in graphics).
The descriptions of those safety flaws counsel that hackers may leverage them to achieve unauthorised entry to a goal’s smartphone. These flaws are recurrently found and patched by chipmakers, who’ve entry to the proprietary code for his or her chipsets.
Qualcomm has credited Google’s Menace Evaluation Group (TAG) with discovering and reporting these flaws, which had been subsequently patched. A Google spokesperson informed TechCrunch that these safety flaws do not affect the company’s Pixel phones, which run on in-house Tensor chips.
Whereas the safety flaws have been patched by Qualcomm, they nonetheless should be rolled out to person’s gadgets by way of software program updates. The chipmaker says it shared these patches with OEMs in Might and urged them to situation safety updates for gadgets “as quickly as doable”. Consequently, customers should wait till a software program replace is prepared for his or her gadgets, and this course of may take weeks.
Discover more from News Journals
Subscribe to get the latest posts sent to your email.
