Researchers from Google’s Android Red Team have discovered more than nine vulnerabilities in Adreno GPU, Qualcomm’s popular software used to manage the mobile chips in millions of Android devices. The team spoke about this at the Defcon cybersecurity conference in Las Vegas.
Image source: Pete Linforth/Pixabay
The vulnerabilities, which have now been patched, allowed attackers to gain full control of the device. However, to do this, they first had to gain access to the target device, for example, by tricking the victim into installing a malicious application, Wired explains.
The problem is that any application on Android phones can directly interact with the Adreno GPU driver “without sandboxing or additional checks,” explains Xuan Xing, head of the Android Red Team. While this in itself does not give applications the ability to act maliciously, it does make GPU drivers a bridge between parts of the operating system and its kernel, providing complete control over the entire device, including its memory.
Experts note that GPUs and the software that supports them can become a critical battleground in the field of computer security, since the combination of high implementation complexity and widespread availability is of particular interest to attackers.
Qualcomm has already released patches to original equipment manufacturers (OEMs) in May 2024 and has recommended that end users install security updates from device manufacturers as they become available.
Aerospace company Blue Origin successfully conducted its tenth suborbital flight, during which six tourists visited…
After a series of delays, Microsoft has begun rolling out its AI Recall feature to…
ZTE has introduced an inexpensive smartphone Nubia V70 Design. In some markets, the device will…
Baldur's Gate 3 is full of situations where the success of the entire mission depends…
Malcolm Shit, and. O. The Lord of the North, was very tired of hanging and…
Nvidia is heavily dependent on a handful of its largest customers, which actively buy computing…