In context: Adreno GPUs are widely used in various Snapdragon SoCs, providing advanced rendering capabilities for mobile phones and laptops. Models like the Snapdragon X Elite feature the high-performance Adreno X1 GPU, putting it in direct competition with Intel and AMD iGPUs.
Google researchers have discovered more than nine vulnerabilities in Qualcomm’s Adreno GPU, a graphics processing unit built into Qualcomm’s Snapdragon processors. Since the GPU has kernel privileges, the security flaws pose significant risks as they could allow attackers to take complete control of a device.
The study focused on GPU drivers because untrusted applications can access them without additional permission, making them attractive targets for hackers. The inherent complexity of these drivers and their deep integration into operating systems further increases their vulnerability to security breaches.
Xuan Xing, the director of Google’s Android red team, told Wired that his team is small compared to the larger Android ecosystem, so it has to focus on areas where it can have the most significant impact.
Hackers are increasingly exploiting GPU driver vulnerabilities, such as those discovered in Qualcomm’s Adreno and Arm’s Mali. These flaws lead to unauthorized access to data stored in GPU memory, posing significant risks given the widespread use of these components in devices such as Android smartphones and tablets.
Qualcomm has already patched the flaws that Google found, but users shouldn’t rest on their laurels. Automatic update features are typically slower than manually installing updates, and there’s a slight lag between manufacturer patches and operating system updates. Android users should check for and install them as soon as possible, especially since hackers have reportedly already exploited some of these vulnerabilities in a limited and targeted manner.
The discovery of these vulnerabilities underscores the growing need to focus on mobile GPU security. Historically, much of the focus has been on processors for high-end PCs and servers. However, the Adreno flaws highlight that mobile GPUs also pose significant security risks that manufacturers need to address and address.
.png?width=690&quality=75&format=jpg&auto=webp&w=390&resize=390,220&ssl=1 "Black Myth: Wukong Sets New Steam Record")
