Qualcomm and Lenovo usher in 2023 with security patches

Share post:

Qualcomm and Lenovo have issued patches to manage different security flaws in their chipsets, some of which could be exploited to cause data leakage and memory corruption. Others include the company’s flagship SnapDragon processor chips, which affect products ranging from automobiles to powerline communications.

Some of the patches issued addresses Stack-based buffer overflow vulnerabilities can have serious consequences such as data corruption, system crashes, and arbitrary code execution. As well as Buffer over-reads, which can be weaponized to read out-of-bounds memory, exposing sensitive data.

Two bugs (CVE-2022-33218 and CVE-2022-33219) in automotive and one bug (CVE-2022-33265) in powerline communication firmware are among the 22 proprietary software issues released in Qualcomm’s January 2023 security bulletin, all of which are rated high or critical for severity and difficult to patch. Lenovo fixed four more buffer over-read vulnerabilities in the ThinkPad X13 BIOS that could lead to data disclosure. CVE-2022-4432, CVE-2022-4433, CVE-2022-4434, and CVE-2022-4435 are the flaws tracked.

According to Lenovo, successful exploitation of the aforementioned flaws could allow a local adversary with elevated privileges to cause memory corruption or leak sensitive information.

The vulnerabilities also have knock-on effects. Lenovo adopted Qualcomm’s chip, and the five bugs Binarly reported to Qualcomm also affect Lenovo ThinkPad X13s, prompting the company to release BIOS updates to close the security gap.

The sources for this piece include an article in TheHackerNews.

Featured Tech Jobs



Related articles

Meta unveils Meta Quest 3 headset

In an Instagram post, Meta announced the forthcoming release of the Meta Quest 3 headset. Meta claimed to be...

Kaspersky uncovers malware targeting iPhones running iOS 15.7 and below

Kaspersky has uncovered a sophisticated malware campaign specifically designed to infect iPhones running up to iOS 15.7 through...

Apple’s App Store ecosystem generate $1.1 Trillion in developer billings and sales in 2022

According to a study done by Analysis Group, the whole ecosystem of Apple's App Store earned $1.1 trillion...

Dell beats profit estimates in Q1

After a drop in demand, Dell exceeded earnings estimates in the first quarter, indicating a brighter future for...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways