Google security team discovered more than 9 important vulnerabilities in Qualcomm Adreno GPU driver, and OEMs have received patches

According to foreign media Wired, three Google security researchers demonstrated more than 9 Qualcomm Adreno GPU driver vulnerabilities at the DEF CON 32 security conference held in Las Vegas, USA on the 9th local time. . It is understood that the Adreno GPU driver is responsible for coordinating the communication between GPU hardware and operating systems such as Android, and has deep permissions in the system kernel. Applications on Android phones can communicate directly with the Qualcomm Adreno GPU driver without sandboxing or additional permission checks. An attacker could exploit the vulnerability discovered by the researchers to gain complete control over the memory of an affected device, thereby taking over the entire device. Xuan Xing, Google's Android security red team manager, said: Compared with the huge Android ecosystem, we are just a small team - the scope of our work is too large to cover everything, so we have to figure out which aspects will have the biggest impact. So why should we care about GPU drivers in this case? Because untrusted applications do not need any permissions to access the GPU driver. This is very important and I think will attract the attention of many attackers.

Source Pexels A Qualcomm spokesperson confirmed to foreign media that Qualcomm has provided relevant vulnerability patches to OEM manufacturers in May 2024. Qualcomm encourages end users to obtain and apply these patches from device manufacturers.

The above is the detailed content of Google security team discovered more than 9 important vulnerabilities in Qualcomm Adreno GPU driver, and OEMs have received patches. For more information, please follow other related articles on the PHP Chinese website!