Subj : Google urgently patches major Qualcomm security flaw hitting Andr To : All From : TechnologyDaily Date : Wed Aug 06 2025 22:30:07 Google urgently patches major Qualcomm security flaw hitting Android phones - so make sure you update now Date: Wed, 06 Aug 2025 21:28:00 +0000 Description: Security flaws were being exploited in the wild, most likely by nation-state threat actors, Google warns. FULL STORY ======================================================================Android phones possibly under threat from worrying security threat Qualcomm releases fix for two major flaws in May and urged OEMs to apply it Google released a patch, so users should update now Google has patched a major vulnerability affecting Android smartphones which is being actively exploited in the wild. In June 2025, Qualcomm publicly announced discovering three vulnerabilities: CVE-2025-21479, CVE-2025-21480, CVE-2025-27038, saying they were indications from Google Threat Analysis Group (TAG) the flaws were being used in limited, targeted exploitation. TAG specifically focuses on tracking state-sponsored threat actors, along with other highly sophisticated hacking groups, so if these were being used in limited and targeted exploitation, its safe to assume that these were nation-states targeting high-value individuals such as diplomats, journalists, dissidents, scientists, and similar. CISA sounds the alarm At the time, Qualcomm also urged OEMs (such as Google), to deploy the patch in their products without delay. "Patches for the issues affecting the Adreno Graphics Processing Unit (GPU) driver have been made available to OEMs in May together with a strong recommendation to deploy the update on affected devices as soon as possible," Qualcomm said. Google has now issued it August 2025 update for Android , which includes fixes for two of the flaws: CVE-2025-21479 and CVE-2025-27038. The former is described as memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands, and was given a severity score of 8.6/10 (high). The latter is described as memory corruption while rendering graphics using Adreno GPU drivers in Chrome, with a severity score of 7.5/10 (high). The US Cybersecurity and Infrastructure Security Agency (CISA) also added these two bugs to its Known Exploited Vulnerabilities (KEV) catalog on June 3, giving Federal Civilian Executive Branch (FCEB) organizations a three-week deadline to patch up, or stop using vulnerable software entirely. Given Androids decentralized structure, it is safe to assume that different devices (for example, Samsungs Galaxy lineup, or OnePlus One lineup) will be getting these updates at different times. Pixel, being Googles lineup of mobile phones, will most likely receive the updates first. Via BleepingComputer You might also like Major Android security update patches a host of actively exploited flaws, so download now Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/google-patches-major-qualcomm-security- flaw-hitting-android-phones-heres-what-we-know --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .