Researchers from Google’s Android Red Team have discovered more than nine vulnerabilities in Adreno GPU, Qualcomm’s popular software used to manage the mobile chips in millions of Android devices. The team spoke about this at the Defcon cybersecurity conference in Las Vegas.
The vulnerabilities, which have now been patched, allowed attackers to gain full control of the device. However, to do this, they first had to gain access to the target device, for example, by tricking the victim into installing a malicious application, Wired explains.
The problem is that any application on Android phones can directly interact with the Adreno GPU driver “without sandboxing or additional checks,” explains Xuan Xing, head of the Android Red Team. While this in itself does not give applications the ability to act maliciously, it does make GPU drivers a bridge between parts of the operating system and its kernel, providing complete control over the entire device, including its memory.
Experts note that GPUs and the software that supports them can become a critical battleground in the field of computer security, since the combination of high implementation complexity and widespread availability is of particular interest to attackers.
Qualcomm has already released patches to original equipment manufacturers (OEMs) in May 2024 and has recommended that end users install security updates from device manufacturers as they become available.
Image Source: Mediatonic Among the available formats are team deathmatch, every man for himself, and…
Seasonic has released the PRIME PX-2200 2200 W power supply. The new product was first…
The ability of modern automation to control vehicles without human intervention is limited by a…
GPUs, originally created for creating three-dimensional images, have performed well in the field of accelerating…
South Korean electronics maker Samsung Display plans to invest $1.8 billion this year to build…
More and more users are complaining about problems with the responsiveness of the iPhone 16…