EXC: Security researchers at Google and Amnesty International discovered hackers exploiting the bug in an active hacking campaign.
By Tyler Sorensen and Heidy Khlaaf We are disclosing LeftoverLocals: a vulnerability that allows recovery of data from GPU local memory created by another process on Apple, Qualcomm, AMD, and Imagination GPUs. LeftoverLocals impacts the security posture of GPU applications as a whole, with particular significance to LLMs and ML models run on impacted GPU…
The critical bug that could lead to a remote attack via voice call is one of 26 vulnerabilities affecting hundreds of Qualcomm chipsets.
Qualcomm has disclosed details about three high-severity security vulnerabilities that were exploited in limited, targeted attacks in October 2023.
In this vulnerability disclosure report, we discuss details of 5Ghoul – a family of implementation-level 5G vulnerabilities. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek. Consequently, many 5G-capable commercial products such as smartphones, Customer-premises Equipment (CPE) routers and USB modems are potentially impacted due to the employment of vulnerable 5G modems in such products. In total, we have found 12 new vulnerabilities (14 total), out of which 10 affect 5G modems from Qualcomm and MediaTek. More importantly, three of these ten vulnerabilities are confirmed to have high severity. We also wrote a scraper to send crafted queries to https://www.kimovil.com/en/ and to have an estimate on the number of smartphone models affected due to these vulnerabilities. We found over 710 smartphone models that are currently in the market to be affected. We emphasize that the actual number of affected models might be more, as firmware code is often shared across different modem versions. In this disclosure report, we also demonstrate the exploitation of 5Ghoul vulnerabilities to drop and freeze 5G connection on smartphones and CPE routers. We also show downgrade attacks across multiple smartphones that result in downgrading the 5G connection to 4G.
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.
During our security research we found that smart phones with Qualcomm chip secretly send personal data to Qualcomm. This data is sent without user consent, unencrypted, and even when using a Google-free Android distribution. This is possible because the Qualcomm chipset itself sends the data, circumventing any potential Android operating system setting and protection mechanisms. Affected smart phones are Sony Xperia XA2 and likely the Fairphone and many more Android phones which use popular Qualcomm chips.
WPA stands for will-provide-access, if you can successfully exploit a target's setup
