Qualcomm chips invite attacks
Many Android users are currently being asked to install security updates provided by the manufacturers as quickly as possible, because the Qualcomm chips found in most systems have massive vulnerabilities.
Driver as a bridge
Security researchers at Google have discovered security vulnerabilities in the Adreno GPUs used in Snapdragon SoCs. Attackers can use the GPU drivers to take over the entire device, as they have kernel privileges and can thus bypass all of the operating system’s protective measures, reported the US magazine Wired. At the Defcon security conference in Las Vegas, three Google researchers presented more than nine vulnerabilities they had discovered in Qualcomm’s Adreno GPU.
The problems originated in a software suite used to coordinate between GPUs and an operating system such as Android on Qualcomm-based phones. Exploiting this attack vector is made particularly easy by the fact that applications on Android phones can communicate directly with the Adreno GPU driver, “without sandboxing and without additional permission checks,” as Xuan Xing, manager of Google’s Android Red Team, explained.
Manual update
This alone does not give applications the ability to run on their own, but it does make GPU drivers a bridge between the regular parts of the operating system and the system kernel. The researchers say that the vulnerabilities they uncovered are all bugs that result from the intricacies and complicated connections that GPU drivers must manage to coordinate all operations.
To exploit the vulnerabilities, attackers would first have to gain access to a target device, for example by tricking victims into installing malicious apps. A patch that Qualcomm has now released offers protection. However, it may take some time for this to reach Android devices via automatic updates. It is therefore advisable to initiate a software update manually.
