Millions of Android devices prone to hacking due to GPU bug: Google


San Francisco, Nov 25 (IANS): Google researchers have warned that millions of Android smartphones are prone to hacking due to a bug in one of the graphics processing units (GPU) within the devices.

The tech giant's Project Zero team said it had alerted the chip designer ARM about the GPU bug, and the British chip designer had fixed those vulnerabilities.

However, smartphone manufacturers including Samsung, Xiaomi, Oppo and Google "hadn't deployed patches to fix the vulnerabilities as of earlier this week", claimed the Project Zero team.

"The vulnerabilities discussed are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable," said Ian Beer of Project Zero

Google researchers reported five issues to ARM when they were discovered between June and July 2022.

ARM fixed the issues promptly in July and August 2022, disclosing them as security issues on their Arm Mali Driver Vulnerabilities page (CVE-2022-36449) and publishing the patched driver source on their public developer website.

However, Google "discovered that all of our test devices which used Mali GPU are still vulnerable to these issues. CVE-2022-36449 is not mentioned in any downstream security bulletins".

The researchers said users are recommended to patch as quickly as they can once a release containing security updates is available, so the same applies to vendors and companies.

"Companies need to remain vigilant, follow upstream sources closely, and do their best to provide complete patches to users as soon as possible," the tech giant added.

According to SamMobile, Samsung's Galaxy S22 series devices and the company's Snapdragon-powered handsets aren't affected by these bugs.

 

  

Top Stories


Leave a Comment

Title: Millions of Android devices prone to hacking due to GPU bug: Google



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.