Just a moment...
www.bleepingcomputer.com

cross-posted from: https://infosec.pub/post/18563178

Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. […]

  • limerod@reddthat.comMEnglish
    3·
    1 day ago

    Also is Lineage OS shipping patches? I know many devices have been abandoned by the vendors so it is entirely possible this will go unpatched in older devices

    This is a vulnerability in a proprietary Qualcomm’s DSP. The patch will only be made available to OEMs. LineageOS cannot patch this vulnerability if the device itself is no longer receiving official updates.

    • ReversalHatchery@beehaw.orgEnglish
      1·
      2 hours ago

      how and when is the DSP used, though?

      and what kind of code can take advantage of this? apps? javascript in browser apps? or a non-app system process with a specific privilege?