Google Project Zero Discovers Multiple Vendors' Android Phones Have Unpatched Security Flaws

Google Project Zero has found Mali GPU-related security flaws that can allow attackers to gain access to Android devices . The bugs were discovered in June and July by a Google Project Zero team .

Google Project Zero is a group of security analysts tasked with identifying zero-day vulnerabilities.On Friday, the group unveiled a study claiming that many Android devices, including Pixel, Samsung, Xiaomi, Oppo, and others, also have Mali GPU-related security problems that the team had identified back in June and July.These bugs are said to enable an attacker with native code execution to gain complete access to a smartphone by bypassing the permissions scheme in Android OS.ARM, the Mali GPU maker, had fixed these security issues in July and August earlier this year.

It was found to have five more safety flaws as part of a further investigation.One of these flaws is expected to cause kernel memory corruption, and the other, potentially leaking physical memory addresses to userspace, is said to have triggered a physical page use-after-free state.As we already mentioned, these flaws can allow an attacker to bypass Android permissions in order to gain broad access to user data.ARM had swiftly fixed these security flaws in July and August, according to the Project Zero team.

Smartphones from manufacturers such as Google, Xiaomi, and Oppo that use Mali GPUs are thus still vulnerable to malware.Furthermore, a SamMobile survey notes that millions of Samsung smartphones that are powered by Exynos SoCs coupled with a Mali GPU are now vulnerable to this security scam.These security blunders haven't harmed Samsung devices with Snapdragon chipsets.The Galaxy S22 series with Exynos SoCs is especially obviated from these flaws because it features Xclipse 920 GPUs, according to a featured video of the day.

.
.
.
.