Qualcomm has released security patches for three actively exploited zero-day vulnerabilities in the Adreno GPU driver that affect numerous chipsets. These patches are part of ongoing efforts to address complex GPU and system security flaws exploited in targeted attacks. #AdrenoGPU #CVE2025-21479 #CVE2025-21480 #CVE2025-27038
Keypoints
- Qualcomm released security updates for three critical GPU driver vulnerabilities.
- The vulnerabilities include memory corruption issues caused by unauthorized command execution.
- Google Threat Analysis Group has indicated limited, targeted exploitation of these flaws.
- Other security fixes in recent months include addressing a buffer over-read and a zero-day used by threat actors.
- Past patches also protected against exploits that could access sensitive user data or bypass device security.