Google has announced the existence of a number of security vulnerabilities in smartphones with Mali GPUs that have not been fixed by the Android developer and smartphone manufacturers based on this software platform. According to available data, the Google Project Zero team working in the field of information security reported the problem to Arm as early as this summer, but the vulnerabilities continue to be relevant.
It is noted that, for its part, Arm has eliminated the identified security flaws, but smartphone manufacturers such as Samsung, Xiaomi, Oppo and Google, as of the beginning of this week, have not released patches to solve the security problem of user devices. We are talking about five vulnerabilities of varying severity. According to reports, one of these problems leads to kernel memory corruption, another to the disclosure of physical memory addresses, and the remaining three to changing the physical pages of virtual memory.
Exploitation of these vulnerabilities could allow an attacker to gain full access to a victim’s device, despite Android restrictions. The Project Zero team disclosed these vulnerabilities three months after they were patched by Arm. When exactly smartphone manufacturers will release fixes for these vulnerabilities is still unknown.
If you notice an error, select it with the mouse and press CTRL + ENTER.