Oddbean new post about | logout
 Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits

The security flaw (CVE-2024-43047) was reported by Google Project Zero's Seth Jenkins and Amnesty International Security Lab's Conghui Wang, and it is caused by a use-after-free weakness that can lead to memory corruption when successfully exploited by local attackers with low privileges. See more:

https://www.bleepingcomputer.com/news/security/qualcomm-patches-high-severity-zero-day-exploited-in-attacks/

https://thehackernews.com/2024/10/qualcomm-urges-oems-to-patch-critical.html

#security