Google found yet another major security breach in the technology market, this time in Qualcomm products. The company’s security initiative called Project Zero has exposed a dangerous vulnerability in Qualcomm’s Adreno GPUs, which has already been fixed by the manufacturer.
Fast problem resolution is also good news for Google. Since the flaw was present in Snapdragon chips, millions of Android phones were vulnerable to the problem.
Source: Android Central
Despite the scope, possibly the flaw was not exploited by hackers. According to the description provided by Project Zero members, the vulnerability in the Adreno GPUs was quite technical and specific, which makes exploitation difficult.
New fixes, new flaws
Project Zero finds security flaws in systems and products of large companies and offers the company 90 days to resolve the flaw before publicly disclosing it. Qualcomm received the warning on September 15 and respected the time window: the company released a fix for the problem on December 7, but it may have more work to do.
According to the Neowin, Project Zero experts analyzed the patch published by Qualcomm and found an issue that could lead to smartphone kernel privileges. The information was communicated to the manufacturer on December 10.
Qualcomm did not request extra time for the disclosure of the security breach and said it was investigating the problem found by the researchers. However, as the new flaw is now public, the trend is that the company will not delay in launching a fix aimed at preventing the movement of hackers against Snapdragon chips.