Qualcomm has released its March 2025 Security Bulletin, addressing a range of vulnerabilities affecting various products, including automotive systems, mobile chipsets, and networking devices. The bulletin details fixes for several critical vulnerabilities, including potential memory corruption issues and improper input validation flaws.
Among the critical vulnerabilities addressed are several affecting automotive systems, including those impacting the QNX operating system (CVE-2024-53012, CVE-2024-53022, CVE-2024-53029, CVE-2024-53030, CVE-2024-53031, CVE-2024-53032) and vehicle networks (CVE-2024-53028). These vulnerabilities could potentially allow attackers to gain local access and control over critical vehicle functions.
The bulletin also addresses vulnerabilities in various Qualcomm chipsets used in mobile devices and other technologies. These vulnerabilities range from denial-of-service (DoS) vulnerabilities to potential remote code execution flaws.
In addition to proprietary software fixes, the bulletin also includes patches for vulnerabilities found in open-source software components used in Qualcomm products. These vulnerabilities affect a range of areas, including the Android operating system, camera drivers, and multimedia frameworks.
Qualcomm has notified its customers and partners about these vulnerabilities and is urging them to apply the necessary patches as soon as possible. Users of Qualcomm products are advised to check with their device manufacturers for information on the availability of patches and updates.
For a detailed list of affected devices and official patches, visit Qualcomm’s security bulletin page.
Related Posts:
- Android’s Future: 8 Years of Security with Qualcomm & Google
- Critical Zero-Day Automotive Systems Vulnerabilities Exposed
- The EU unease about Broadcom attempts to buy Qualcomm: Privacy data may be leaked
