"Qualcomm Patches High-Severity Zero-Day Exploited in Attacks"

Qualcomm has released security patches to address a zero-day vulnerability in the Digital Signal Processor (DSP) service, which affects dozens of chipsets. Google Project Zero's Seth Jenkins and Amnesty International Security Lab's Conghui Wang reported the security flaw. It is stems from a use-after-free vulnerability that, if successfully exploited by local attackers with low privileges, can result in memory corruption. As Qualcomm warned in an advisory, security researchers with Google's Threat Analysis Group and Amnesty International Security Lab identified the vulnerability as being exploited in the wild. This article continues to discuss findings regarding the DSP service flaw.

BleepingComputer reports "Qualcomm Patches High-Severity Zero-Day Exploited in Attacks"

Submitted by grigby1
 

Submitted by Gregory Rigby on