google says google and other android manufacturers haven't patched security flaws

Dado Ruvic / reuters

has disclosed several security flaws for phones that have Mali GPUs, such as those with Exynos chipsets. The company’s team says it flagged the problems to (which produces the GPUs) back in the summer. ARM resolved the issues on its end in July and August. However, smartphone manufacturers including Samsung, Xiaomi, Oppo and Google itself hadn’t deployed patches to fix the vulnerabilities as of earlier this week, Project Zero said.

Researchers identified five new issues in June and July and promptly flagged them to ARM. “One of these issues led to kernel memory corruption, one led to physical memory addresses being disclosed to userspace and the remaining three led to a physical page use-after-free condition,” Project Zero’s Ian Beer . “These would enable an attacker to continue to read and write physical pages after they had been returned to the system.”

Beer noted that it would be possible for a hacker to gain full access to a system as they’d be able to bypass the permissions model on Android and gain “broad access” to a user’s data. The attacker could do so by forcing the kernel to reuse the afore-mentioned physical pages as page tables.

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.

Not now

Project Zero found that, three months after ARM fixed these issues, all of the team’s test devices were still vulnerable to the flaws. As of Tuesday, the issues were not mentioned “in any downstream security bulletins” from Android manufacturers.

Engadget has contacted Google, Samsung, Oppo and Xiaomi to ask when they will deploy the fixes to their Android devices and why it has taken so long for them to do so. As notes, Samsung’s Galaxy S22 series devices and the company’s Snapdragon-powered handsets aren’t affected by these vulnerabilities.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.

TECH NEWS RELATED

Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

With the DNS changed, users are redirected to malicious pages

View more: Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

Is the 2023 Toyota RAV4 Too Old to Keep Up?

Today we’re putting the Toyota RAV4 in the spotlight to take a closer look at it. We know that there are tons of great things to say about it. It’s capable, spacious, and reliable. But is the 2023 Toyota RAV4 old? Is its age starting to show?  Is the 2023 ...

View more: Is the 2023 Toyota RAV4 Too Old to Keep Up?

The 2016 Hyundai Sonata Got ‘Nearly Everything Right’

Hyundai is building a reputation as an automaker that makes a lot of great cars. This is the case with the 2016 Hyundai Sonata, as Hyundai gave the car a lot of updates for that model year, and that made the car nearly flawless. Here’s a look at how the ...

View more: The 2016 Hyundai Sonata Got ‘Nearly Everything Right’

How to Remove Memories in Google Photos

Open a Memory from the Google Photos app and tap the three-dot menu icon. Then select “Hide” and choose “Remove This Memory.” Google Photos resurfaces old photos and videos in an aptly named feature called “Memories.” However, not all memories are good memories, and you may not want to ...

View more: How to Remove Memories in Google Photos

Now Google is axing jobs - 12,000 of them

Google joins in on Big Tech's latest trend - redundancies

View more: Now Google is axing jobs - 12,000 of them

The Best Hyundai SUVs for 2023: Midsize, Compact, and Crossover

Hyundai has some excellent SUVs in its lineup right now, all of which are reasonably priced to fit many budgets. The sport utility vehicles below come with Hyundai’s five-year/60,000-mile comprehensive coverage and 10 years/100,000 miles on key powertrain components. Here are three of the best Hyundai SUVs for 2023, packed ...

View more: The Best Hyundai SUVs for 2023: Midsize, Compact, and Crossover

Refreshed Mercedes CLA Gets Mild-Hybrid Technology

Both the ’24 Mercedes-Benz CLA and Mercedes-AMG CLA receive 48V electrical systems providing additional low-end horsepower.

View more: Refreshed Mercedes CLA Gets Mild-Hybrid Technology

Best Ways To Fix Slow Internet During VPN On Windows 11

Is your VPN slowing down your Internet connection on Windows 11? You’re not alone – many users experience the same issue. Having slow Internet while using a VPN can be incredibly frustrating, especially in the middle of a big project. Whether working from home or just trying to stream your ...

View more: Best Ways To Fix Slow Internet During VPN On Windows 11

Best free sports streaming apps in 2023

New software for millions of BMW vehicles with the latest software upgrade

After six months, the Galaxy A41 gets a new security update

Apple appeals to UK competition watchdog investigation about mobile browser dominance

9 Best Fix: Windows Won’t Recognize Android Device

Which Is a Better Used Sedan: the 2020 Chevrolet Impala or the 2020 Nissan Maxima?

Galaxy Tab S6 Lite Wi-Fi gets One UI 5.0 as its last major update

2023 Alfa Romeo Tonale PHEV: full pricing and specs revealed

8 Best Smart Home Automation Apps for Android and iOS

4 Reasons to Avoid the 2023 Nissan Maxima

One UI 5.0 feature focus: Create home screen widget stacks

Will 5G Make Me Use More Cellular Data?

OTHER TECH NEWS

Top Car News Car News