Millions of android users devices could be at risk of attack, Google warns. This high risk is caused by Mali GPU driver flaws and it continues to remain a threat.
Millions of Android Users Devices Could Be At Risk of Attack, Google Warns
Google has now warned that android devices around the globe could be at risk of cyberattacks which is partly due to the slow and cumbersome patching process.
Cybersecurity researchers from the Project Zero team at Google discovered a total of five vulnerabilities that are reportedly affecting the Arm Mali GPU driver.
The said flaw has been grouped under two identifiers which are CVE-2022-33917 and CVE-202236449, and they allow threat actors a myriad of options all ranging from getting access to free memory sections to writing outside buffer bounds. They however have all gotten a severity score of medium.
Manufacturers of Hardware Are Still To Apply These Patches on Their Endpoints
The flaws however have been patched since, but manufacturers of hardware are still to apply these very patches on their endpoints. And unlike apple which is the sole creator of both software and hardware for the iPhone mobile ecosystem, Google is not the only firm that is creating the software and hardware for android.
And besides Google with its Pixel phone, there are a large number of smartphone manufacturers that are building Android-powered devices, such as Samsung, LG, Oppo, and many others. All of these companies have their own, modified versions of Android and their very own approach to hardware.
What Happens When Vulnerability Is Found
That being said, when a vulnerability is discovered, each original equipment manufacturer (OEM) needs to apply the patch to their very own devices. That can take time as you may have guessed, as these patches can sometimes conflict with the drivers of the devices or other components. And this is what seems to be the problem here exactly.
The flaws that reportedly affected Arm’s Mali GPU drivers codenamed Valhall, Bifrost, and Midgard, and affect a long list of devices, and this is including the Pixel 7, RealMe GT, Xiaomi 12 Pro, OnePlus 10R, Samsung Galaxy S10, Huawei P40 Pro, and many other devices. The complete list can be found here.
Users Will Have To Wait For Their Manufacturers to Apply the Patch
At the moment, there’s nothing users can do other than patiently wait for their respective manufacturers to apply the said patch, as it should be delivered to OEMs in a couple of weeks.