All news with #qualcomm tag

U-Boot Bootloader: Improper Access to Volatile Boot Code

⚠️ U-Boot contains an improper access control vulnerability in volatile memory holding boot code (CVE-2025-24857) affecting all U-Boot versions prior to 2017.11 and several Qualcomm SoCs. Successful exploitation could allow arbitrary code execution; CISA reports a CVSS v4 base score of 8.6 with low attack complexity. Vendors advise upgrading to v2025.4, ensuring physical device security, and contacting Qualcomm support where appropriate.

Google fixes two Android zero-days, 107 vulnerabilities

🔒 Google released its December 2025 Android security bulletin addressing 107 vulnerabilities, including two zero-days (CVE-2025-48633 and CVE-2025-48572) that are reported to be under limited targeted exploitation. The flaws affect Android 13–16 and include information-disclosure and privilege‑escalation issues; the most critical fix this month is CVE-2025-48631 (DoS). Updates also include critical kernel fixes for Qualcomm and closed‑source vendors, and Samsung has ported fixes. Users should apply updates, keep Play Protect active, or move to supported builds.

Leaked iPad Pro M5 Benchmark Shows Significant Gains

🔍An alleged Apple M5 benchmark for an iPad Pro has surfaced on Geekbench, reporting a single-core score of 4,133 and a multi-core score of 15,437 for a variant clocked at about 4.42 GHz. The listing shows 12 GB of RAM, likely paired with 256 GB or 512 GB of storage. Early comparisons place the M5 narrowly ahead in single-thread tests versus Qualcomm's Snapdragon X Elite 2 but behind in multi-core throughput, underscoring Apple's strong per-core design.

Google fixes actively exploited Android flaws in September

🔒 Google has released the September 2025 Android security update addressing 84 vulnerabilities, including two zero-day flaws observed in limited, targeted exploitation: CVE-2025-38352 (Linux kernel) and CVE-2025-48543 (Android Runtime). The bulletin also patches four critical issues — including an RCE in the System component and three Qualcomm vulnerabilities affecting modem and data stacks. Users are urged to install security patch level 2025-09-01 or 2025-09-05 via Settings > System > Software updates > System update.