The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:
Qualcomm this week addressed 20 vulnerabilities in its products, including a potential zero-day issue tracked as CVE-2024-43047 (CVSS score 7.8). The vulnerability stems from a use-after-free bug that could lead to memory corruption.
The zero-day vulnerability resides in the Digital Signal Processor (DSP) service and impacts dozens of chipsets.
“Currently, the DSP updates header buffers with unused DMA handle fds. In the put_args section, if any DMA handle FDs are present in the header buffer, the corresponding map is freed. However, since the header buffer is exposed to users in unsigned PD, users can update invalid FDs. If this invalid FD matches with any FD that is already in use, it could lead to a use-after-free (UAF) vulnerability.” reads the DSP kernel commit. “As a solution,add DMA handle references for DMA FDs, and the map for the FD will be freed only when a reference is found.”
The flaw was reported by cybersecurity researchers Seth Jenkins from Google Project Zero and Conghui Wang from Amnesty International Security Lab. Jenkins Hopefully recommends addressing the issue on Android devices as soon as possible.
Google Threat Analysis Group claims that CVE-2024-43047 may be under limited, targeted exploitation, Wang also confirms in-the-wild activity.
The researchers haven’t published details about the attacks exploiting the CVE-2024-43047, however, the reporting organizations are known for investigating cyberattacks linked to commercial spyware vendors.
Regarding the Microsoft flaws added by CISA to the KEV catalog, both issues were addressed by the IT giant in Patch Tuesday security updates for October 2024.
Microsoft confirmed that both issues are under active exploitation in the wild.
CISA orders federal agencies to fix this vulnerability by October 29, 2024.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, CISA)