Millions of Android devices at risk of attack due to Arm Mali GPU driver flaws

Users using smartphones

Audio player loading…

Millions of Android devices are at risk of cyberattacks due to the slow and cumbersome patching (opens in new tab) process plaguing the decentralized mobile platform. 

Cybersecurity researchers from Google’s Project Zero team discovered a total of five vulnerabilities affecting the Arm Mali GPU driver. 

The flaws have been grouped under two identifiers – CVE-2022-33917, and CVE-202236449, and they allow threat actors a myriad of options, from accessing free memory sections, to writing outside of buffer bounds. They’ve all gotten a severity score of “medium”. 

More OEMs, slower patches

The flaws have since been patched, but hardware manufacturers are yet to apply these patches on their endpoints (opens in new tab). Unlike Apple, which is the sole creator of both hardware, and software, for the iPhone mobile ecosystem, Google is not the only company creating the software and hardware for Android.

Besides Google with its Pixel phone, there is a relatively large number of smartphone manufacturers building Android-powered devices, such as Samsung, LG, Oppo, and many others. All these companies have their own, modified versions of Android, and their own approach to hardware. That said, when a vulnerability is discovered, each original equipment manufacturer (OEM) needs to apply the patch to their own devices. That can take time, as these patches can sometimes conflict with the device’s drivers or other components.

And that’s exactly the problem here. 

The flaws affect Arm’s Mali GPU drivers codenamed Valhall, Bifrost, Midgard, and affect a long list of devices, including the Pixel 7, RealMe GT, Xiaomi 12 Pro, OnePlus 10R, Samsung Galaxy S10, Huawei P40 Pro, and many, many others. The entire list can be found here (opens in new tab)

Right now, there’s nothing users can do other than wait for their respective manufacturers to apply the patch, as it should be delivered to OEMs in a few weeks.

  • Here’s the rundown of the best firewalls (opens in new tab) right now

Via: BleepingComputer (opens in new tab)

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

Powered By
Best Wordpress Adblock Detecting Plugin | CHP Adblock