Patches not applied, millions of Android devices vulnerable

Patches not applied, millions of Android devices vulnerable
Patches not applied, millions of Android devices vulnerable

A set of exploitable flaws in ARM GPU drivers has still not been fixed on Android devices. Several million smartphones are potentially vulnerable.

There is always a time lag between when vulnerabilities are discovered, when fixes are put in place, and when updates are applied. But during this time, hackers do not hesitate to seize this opportunity to attack terminals or vulnerable software. And that’s what it’s all about with a set of five active and patched vulnerabilities in ARM’s Mali GPU driver found on various SoCs (MediaTek, HiSilicon Kirin and Exynos). The problem is that the patches are still not applied several months after their publication.

Devices from Google, Samsung, Xiaomi, Oppo and other phone manufacturers are currently affected and are awaiting firmware updates. At the origin of this alert, there is the Project Zero team from Google who highlighted this “patch lag”. OEM partners often need time to test fixes and implement them in devices.

Several drivers affected by the flaws

The faults in question were discovered last June. They are listed as CVE-2022-33917 and CVE-2022-36449 (collective identifier for several security issues). The first group of flaws gives an unprivileged user the means to perform inappropriate GPU processing to access sections of free memory. The vulnerability impacts Arm Valhall Mali GPU core drivers r29p0 to r38p0. The second group of vulnerabilities makes it possible for an unprivileged user to access freed memory, and allows the user to write across buffer boundaries and leak details of memory mappings. It affects GPU core drivers Arm Mali Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.

Project Zero identifies these issues as 2325, 2327, 2331, 2333, and 2334 and has leaked technical details for each, along with demo code. Although the severity of these bugs is medium, they are exploitable and impact a large number of Android devices. Valhall drivers are used in Mali G710, G610 and G510 chips found inside Google Pixel 7, Asus ROG Phone 6, Redmi Note 11 and 12, Honor 70 Pro, RealMe GT, Xiaomi 12 Pro, Oppo Find X5 Pro and Reno 8 Pro, Motorola Edge and OnePlus 10R. Bifrost drivers are found in older (2018) Mali G76, G72 and G52 chips used by Samsung Galaxy S10, S9, A51 and A71, Redmi Note 10, Huawei P30 and P40 Pro, Honor View 20, Motorola Moto G60S and Realme 7. Finally, Midgard drivers are integrated into even older (2016) chips from the Mali T800 and T700 series, which can be found inside the Samsung Galaxy S7 and Note 7, Sony Xperia X XA1, Huawei Mate, etc. 8, Nokia 3.1, LG X and Redmi Note 4.

The article is in French

Tags: Patches applied millions Android devices vulnerable

PREV This Philips OneBlade sees its price collapse, perfect as a Christmas present
NEXT Trial for human trafficking: Kalib Rahi’s lawyer destroys the credibility of the plaintiff