HomeTechnologyGoogle fails to fix...

Google fails to fix Android vulnerability, and Google itself denounces it

Project Zero has discovered a vulnerability in the ARM Pixel architecture | Font: PTR

adUnits.push({
code: ‘Rpp_tecnologia_moviles_Nota_Interna1’,
mediaTypes: {
banner: {
sizes: (navigator.userAgent.match(/iPhone|android|iPod/i)) ? [[300, 250], [320, 460], [320, 480], [320, 50], [300, 100], [320, 100]] : [[300, 250], [320, 460], [320, 480], [320, 50], [300, 100], [320, 100], [635, 90]]
}
},
bids: [{
bidder: ‘appnexus’,
params: {
placementId: ‘14149971’
}
},{
bidder: ‘rubicon’,
params: {
accountId: ‘19264’,
siteId: ‘314342’,
zoneId: ‘1604128’
}
},{
bidder: ‘amx’,
params: {
tagId: ‘MTUybWVkaWEuY29t’
}
},{
bidder: ‘oftmedia’,
params: {
placementId: navigator.userAgent.match(/iPhone|android|iPod/i) ? ‘22617692’: ‘22617693’
}
}]
});

Android is often a headache for Google for various reasons, and security is one of them. The effort to streamline patch updates has paid off for years, but there are still issues on the beat. However, it is curious that Google found bug fixes within the cult brand: own pixel.

According to the latest post Project ZeroThe Pixel development team did not resolve a conflict in ARM GPU drivers, a loophole that allows an attacker to gain write permissions to Google phones and other signatures.

“An attacker running native code in the context of an application can gain full system access, bypassing the Android permissions model and gaining wide access to user data.” Jann Horn, researcher at Project Zero, says.

Qualcomm is safe, but not everything else

This affected ARM GPU spans three previous generations of architectures, focusing on brands such as Samsung’s Exynos versions, Google Tensor, and MediaTek. In this case, Qualcomm uses Adreno for the graphics part, so it stays safe from the rest.

From this point of view, this vulnerability affects millions of smartphones in the world. According to Engadget, Google noted that “The solution provided by Arm is currently being tested for Android and Pixel devices and will ship in the coming weeks. Android OEMs will need to install a hotfix to comply with future SPL requirements.”

ARM has been notified

Project Zero said it submitted this assessment to ARM between June and July 2022 in hopes of fixing the vulnerability, which was patched in August. However, during testing of the hardware, the researchers found that Google and other OEMs did not apply this solution to end-user phones with embedded Mali graphics.

“Just as users are encouraged to install patches as soon as possible after the release of a version containing security updates, the same applies to vendors and companies.” highlights Project Zero. “Perhaps minimizing ‘missing patches’ as a vendor in these scenarios is more important as end users (or other downstream vendors) block this action before they can get the security benefits of a patch.”

Source: RPP

- A word from our sponsors -

Most Popular

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More from Author

- A word from our sponsors -

Read Now

The entire government of Francies was displeased with food

The French parliament expressed a distrust of the government of Francois Barus. .in_text_content_22 {width: 300px; Height: 600px; } @Media (min-width: 600px) {.in_text_content_22 {width: 580px; Height: 400px; }} .Adsbygoogle {Touch-Action: Manipulation; } On Monday, September 8, at an extraordinary session of the...

The Ukrainian fleet showed a shorter boat Dron Barracuda (Vidido)

The inconsistent boat of the barracuda appeared in the service with the Armed Forces of the Armed Forces. .in_text_content_22 {width: 300px; Height: 600px; } @Media (min-width: 600px) {.in_text_content_22 {width: 580px; Height: 400px; }} .Adsbygoogle {Touch-Action: Manipulation; } The latest drone is...

The army of the Russian Federation will establish a fire control of the outlines

The Russian army plans to establish a fire control over the outskirts of Slavyansk. .in_text_content_22 {width: 300px; Height: 600px; } @Media (min-width: 600px) {.in_text_content_22 {width: 580px; Height: 400px; }} .Adsbygoogle {Touch-Action: Manipulation; } Invooked units continue to try to get control...