Qualcomm has issued security patches for three zero-day security vulnerabilities affecting its Adreno GPU drivers. These vulnerabilities affected multiple chipsets and have already been exploited in the wild.
The three vulnerabilities are as follows:
- CVE-2025-21479: This is a graphics framework incorrect authorisation issue that can cause memory corruption. Reported by Google’s Android security team in late January 2025.
- CVE-2025-21480: Another graphics framework incorrect authorisation issue with similar consequences. Reported by Google’s Android security team in late January 2025.
- CVE-2025-27038: Use-after-free bug causing memory corruption during graphics rendering with Adreno GPU drivers in Chrome. Reported in March 2025.
Qualcomm’s advisory clearly warns of “limited, targeted exploitation” of all three vulnerabilities. However, it might be a while before the update starts rolling out from individual manufacturers. In Qualcomm’s own words:

“There are indications from Google Threat Analysis Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 may be under limited, targeted exploitation. Patches for the issues affecting the Adreno Graphics Processing Unit (GPU) driver have been made available to OEMs in May together with a strong recommendation to deploy the update on affected devices as soon as possible.”
Qualcomm has been quite busy patching bugs in its chipsets. The company also fixed a buffer overflow issue in its data network stack and connectivity module dubbed CVE-2024-53026. Hackers were using the vulnerability to intercept RTCP packets sent during VoLTE or VoWi-Fi IMS calls to gain access to sensitive information.
Because of the sensitive nature of Qualcomm’s components, exploited vulnerabilities can become a major headache for the vendor and device manufacturers alike, as they can potentially bypass any security protection the OS running on the target device might want to implement. In October 2024, Qualcomm addressed a similar issue when a vulnerability, dubbed CVE-2024-43047, was exploited by the Serbian Information Agency (BIA) and the Serbian police to unlock seized Android devices belonging to activists, journalists, and others.