Google discovers new vulnerability affecting Android devices with Qualcomm chipsets - News

23/March/2021

Google is warning of a newly discovered 0-day vulnerability affecting Android devices with Qualcomm chipsets that is being used by hackers to launch targeted attacks.

The newly discovered now-patched vulnerability is tracked as CVE-2020-11261 (CVSS score 8.4).
The flaw concerns an "improper input validation" issue in Qualcomm's Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests access to a huge chunk of the device's memory.

CVE-2020-11261 was discovered and reported to Qualcomm by Google's Android Security team on July 20, 2020, after which it was fixed in January 2021.. thehackernews.com