android security flaw, google project zero, mali gpu

Representative image.

Google’s team of security researchers called Project Zero has said Android models from various manufacturers are vulnerable to flaws that are now months old.

Security researcher Jann Horn found five exploitable vulnerabilities in the ARM Mali GPU driver, and they affected all Android smartphones with a Mali GPU.

These vulnerabilities allow a bad actor to gain control of an Android smartphone, potentially stealing personal data from the devices.

Project Zero says that they reported the exploits, as they were discovered, to ARM between June and July 2022. These were fixed in July and August 2022.

“One of these issues (2334) leads to kernel memory corruption, one (2331) leads to physical memory addresses being disclosed to userspace and the remaining three (2325, 2327, 2333) lead to a physical page use-after-free condition. These would enable an attacker to continue to read and write physical pages after they had been returned to the system,” Project Zero’s Ian Beer wrote in a blog post.

The team then waited an additional 30 days before full public disclosure and finally, in September 2022, reported the flaws to the public at large.

Then, during routine follow-up bug reports and additional checks, Project Zero discovered that the flaws were still present and that all Android smartphones with Mali GPUs remained vulnerable.

Beer wrote that “minimizing the patch gap” as a vendor in these scenarios is arguably more important, as end users (or other vendors downstream) are blocking on this action before they can receive the security benefits of the patch.”

Curiously, these patches affect Google’s own Pixel line as well. They also extend to phones from Samsung, Oppo, Xiaomi and more.

In a statement provided to Engadget, a Google spokesperson said, “The fix provided by ARM is currently undergoing testing for Android and Pixel devices and will be delivered in the coming weeks. Android OEM partners will be required to take the patch to comply with future SPL requirements.”

TECH NEWS RELATED

Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

With the DNS changed, users are redirected to malicious pages

View more: Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

Is the 2023 Toyota RAV4 Too Old to Keep Up?

Today we’re putting the Toyota RAV4 in the spotlight to take a closer look at it. We know that there are tons of great things to say about it. It’s capable, spacious, and reliable. But is the 2023 Toyota RAV4 old? Is its age starting to show?  Is the 2023 ...

View more: Is the 2023 Toyota RAV4 Too Old to Keep Up?

The 2016 Hyundai Sonata Got ‘Nearly Everything Right’

Hyundai is building a reputation as an automaker that makes a lot of great cars. This is the case with the 2016 Hyundai Sonata, as Hyundai gave the car a lot of updates for that model year, and that made the car nearly flawless. Here’s a look at how the ...

View more: The 2016 Hyundai Sonata Got ‘Nearly Everything Right’

How to Remove Memories in Google Photos

Open a Memory from the Google Photos app and tap the three-dot menu icon. Then select “Hide” and choose “Remove This Memory.” Google Photos resurfaces old photos and videos in an aptly named feature called “Memories.” However, not all memories are good memories, and you may not want to ...

View more: How to Remove Memories in Google Photos

Now Google is axing jobs - 12,000 of them

Google joins in on Big Tech's latest trend - redundancies

View more: Now Google is axing jobs - 12,000 of them

The Best Hyundai SUVs for 2023: Midsize, Compact, and Crossover

Hyundai has some excellent SUVs in its lineup right now, all of which are reasonably priced to fit many budgets. The sport utility vehicles below come with Hyundai’s five-year/60,000-mile comprehensive coverage and 10 years/100,000 miles on key powertrain components. Here are three of the best Hyundai SUVs for 2023, packed ...

View more: The Best Hyundai SUVs for 2023: Midsize, Compact, and Crossover

Refreshed Mercedes CLA Gets Mild-Hybrid Technology

Both the ’24 Mercedes-Benz CLA and Mercedes-AMG CLA receive 48V electrical systems providing additional low-end horsepower.

View more: Refreshed Mercedes CLA Gets Mild-Hybrid Technology

Best Ways To Fix Slow Internet During VPN On Windows 11

Is your VPN slowing down your Internet connection on Windows 11? You’re not alone – many users experience the same issue. Having slow Internet while using a VPN can be incredibly frustrating, especially in the middle of a big project. Whether working from home or just trying to stream your ...

View more: Best Ways To Fix Slow Internet During VPN On Windows 11

Best free sports streaming apps in 2023

New software for millions of BMW vehicles with the latest software upgrade

After six months, the Galaxy A41 gets a new security update

Apple appeals to UK competition watchdog investigation about mobile browser dominance

9 Best Fix: Windows Won’t Recognize Android Device

Which Is a Better Used Sedan: the 2020 Chevrolet Impala or the 2020 Nissan Maxima?

Galaxy Tab S6 Lite Wi-Fi gets One UI 5.0 as its last major update

2023 Alfa Romeo Tonale PHEV: full pricing and specs revealed

8 Best Smart Home Automation Apps for Android and iOS

4 Reasons to Avoid the 2023 Nissan Maxima

One UI 5.0 feature focus: Create home screen widget stacks

Will 5G Make Me Use More Cellular Data?

OTHER TECH NEWS

Top Car News Car News