The chipmaker Qualcomm has issued security upgrades to address 17 flaws in various components, but it has also issued a warning that three other zero-day vulnerabilities are currently being actively exploited. Three of the 17 defects are considered Critical, 13 are considered High, and one is considered Medium in terms of severity.
“There are indications from Google Threat Analysis Group and Google Project Zero that CVE-2023-33106, CVE-2023-33107, CVE-2022-22071, and CVE-2023-33063 may be under limited, targeted exploitation,” the semiconductor manufacturer stated in an advisory.x000D The Adreno GPU and Compute DSP drivers’ problems have been fixed with patches, and OEMs have been alerted with a strong advice to implement security updates as soon as possible.