1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google urgently patches major Qualcomm security flaw hitting Andr

    From TechnologyDaily@1337:1/100 to All on Wed Aug 6 22:30:07 2025
    Google urgently patches major Qualcomm security flaw hitting Android phones - so make sure you update now

    Date:
    Wed, 06 Aug 2025 21:28:00 +0000

    Description:
    Security flaws were being exploited in the wild, most likely by nation-state threat actors, Google warns.

    FULL STORY ======================================================================Android phones possibly under threat from worrying security threat Qualcomm releases fix for two major flaws in May and urged OEMs to apply it Google released a patch, so users should update now

    Google has patched a major vulnerability affecting Android smartphones which is being actively exploited in the wild.

    In June 2025, Qualcomm publicly announced discovering three vulnerabilities: CVE-2025-21479, CVE-2025-21480, CVE-2025-27038, saying they were indications from Google Threat Analysis Group (TAG) the flaws were being used in limited, targeted exploitation.

    TAG specifically focuses on tracking state-sponsored threat actors, along
    with other highly sophisticated hacking groups, so if these were being used
    in limited and targeted exploitation, its safe to assume that these were nation-states targeting high-value individuals such as diplomats,
    journalists, dissidents, scientists, and similar. CISA sounds the alarm

    At the time, Qualcomm also urged OEMs (such as Google), to deploy the patch
    in their products without delay.

    "Patches for the issues affecting the Adreno Graphics Processing Unit (GPU) driver have been made available to OEMs in May together with a strong recommendation to deploy the update on affected devices as soon as possible," Qualcomm said.

    Google has now issued it August 2025 update for Android , which includes
    fixes for two of the flaws: CVE-2025-21479 and CVE-2025-27038.

    The former is described as memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands, and was given a severity score of 8.6/10 (high). The latter is described as
    memory corruption while rendering graphics using Adreno GPU drivers in
    Chrome, with a severity score of 7.5/10 (high).

    The US Cybersecurity and Infrastructure Security Agency (CISA) also added these two bugs to its Known Exploited Vulnerabilities (KEV) catalog on June
    3, giving Federal Civilian Executive Branch (FCEB) organizations a three-week deadline to patch up, or stop using vulnerable software entirely.

    Given Androids decentralized structure, it is safe to assume that different devices (for example, Samsungs Galaxy lineup, or OnePlus One lineup) will be getting these updates at different times. Pixel, being Googles lineup of mobile phones, will most likely receive the updates first.

    Via BleepingComputer You might also like Major Android security update patches a host of actively exploited flaws, so download now Take a look at
    our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/google-patches-major-qualcomm-security- flaw-hitting-android-phones-heres-what-we-know


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)