Na ngwugwu mgbawa ikuku nke Qualcomm adịghị ike atọ ewepụtara n'okpuru codename "QualPwn". Esemokwu mbụ (CVE-2019-10539) na-enye ohere ka a wakpo ngwaọrụ gam akporo site na Wi-Fi. Nsogbu nke abụọ dị na firmware nwe nke nwere eriri ikuku Qualcomm ma na-enye ohere ịnweta modem baseband (CVE-2019-10540). Nsogbu nke atọ na icnss ọkwọ ụgbọala (CVE-2019-10538) na-eme ka o kwe omume iji nweta ogbugbu nke koodu ya na kernel larịị nke gam akporo ikpo okwu. Ọ bụrụ na ejiri ngwakọta nke adịghị ike ndị a eme ihe nke ọma, onye na-awakpo ahụ nwere ike nweta njikwa ngwaọrụ onye ọrụ nke Wi-Fi na-arụ ọrụ (mwakpo a chọrọ ka ejikọta onye ahụ na onye mwakpo ahụ na otu netwọk ikuku).
E gosipụtara ikike mbuso agha maka ekwentị Google Pixel2 na Pixel3. Ndị ọrụ nyocha na-eche na nsogbu ahụ nwere ike imetụta ihe karịrị 835 puku ngwaọrụ dabere na Qualcomm Snapdragon 835 SoC na ibe ọhụrụ (malite na Snapdragon 835, WLAN firmware jikọtara ya na sistemụ modem wee rụọ ọrụ dị ka ngwa dịpụrụ adịpụ na oghere onye ọrụ). Site na Qualcomm, nsogbu ahụ na-emetụta ọtụtụ ibe iri na abụọ dị iche iche.
Ugbu a, naanị ozi izugbe banyere adịghị ike dị, yana nkọwa a ga-ekpughe na August 8 na ogbako Black Hat. A mara ọkwa Qualcomm na Google maka nsogbu ndị ahụ na March ma wepụtalarị ndozi (Qualcomm gwara maka nsogbu ndị dị na , na Google edozila adịghị ike na Android ikpo okwu update). Ndị ọrụ ngwaọrụ niile dabere na ibe Qualcomm ka akwadoro ka ịwụnye mmelite dị.
Na mgbakwunye na okwu metụtara ibe Qualcomm, mmelite August na ikpo okwu gam akporo na-ewepụkwa adịghị ike dị oke egwu (CVE-2019-11516) na Broadcom Bluetooth stack, nke na-enye onye na-awakpo ohere mebie koodu ha n'ọnọdụ nke usoro ihe ùgwù. na-eziga arịrịọ mbufe data emepụtara nke ọma. Akwụsịla adịghị ike (CVE-2019-2130) na ngwa sistemụ gam akporo nke nwere ike inye ohere mmezu koodu site na oke oke mgbe ị na-ahazi faịlụ PAC emebere nke ọma.
isi: opennet.ru