Millions of Android devices prone to hacking due to GPU bug: Google

Advertisement
Millions of Android devices prone to hacking due to GPU bug: Google
  • The tech giant's Project Zero team said it had alerted the chip designer ARM about the GPU bug.
  • The British chip designer had fixed those vulnerabilities.
  • Google researchers reported five issues to ARM when they were discovered between June and July 2022.
Advertisement

Google researchers have warned that millions of Android smartphones are prone to hacking due to a bug in one of the graphics processing units (GPU) within the devices.

The tech giant's Project Zero team said it had alerted the chip designer ARM about the GPU bug, and the British chip designer had fixed those vulnerabilities.

However, smartphone manufacturers including Samsung, Xiaomi, Oppo and Google "hadn't deployed patches to fix the vulnerabilities as of earlier this week", claimed the Project Zero team.
Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

"The vulnerabilities discussed are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable," said Ian Beer of Project Zero

Google researchers reported five issues to ARM when they were discovered between June and July 2022.
Advertisement


ARM fixed the issues promptly in July and August 2022, disclosing them as security issues on their Arm Mali Driver Vulnerabilities page (CVE-2022-36449) and publishing the patched driver source on their public developer website.

However, Google "discovered that all of our test devices which used Mali GPU are still vulnerable to these issues. CVE-2022-36449 is not mentioned in any downstream security bulletins".

The researchers said users are recommended to patch as quickly as they can once a release containing security updates is available, so the same applies to vendors and companies.

"Companies need to remain vigilant, follow upstream sources closely, and do their best to provide complete patches to users as soon as possible," the tech giant added.

According to SamMobile, Samsung's Galaxy S22 series devices and the company's Snapdragon-powered handsets aren't affected by these bugs.
Advertisement

SEE ALSO: Zomato goes desi, now available in Hindi and 8 other regional languages
ISRO begins countdown for PSLV-C54 mission to launch Oceansat, eight other satellites
India, UAE in talks for rupee-dirham denominated bilateral trade
{{}}