ARM Mali graphics chips, included in millions of smartphones, contain a series of critical flaws discovered this summer. However, as of now, none of the mobile manufacturers have released an update, despite having had patches for months.
Project Zero researchers from GoogleGoogle just published a report in order to alert on a series of critical flaws that affect a large number of Android smartphone models. These are six flaws, actually discovered by the team in June and July, for which smartphone manufacturers have yet to release an update.
The flaws relate to the graphics chips ARMARM Mali, which are included in a large number of mobile processors. According to the report, “ one of these issues led to kernel memory corruption, another led to leaked memory addresses physiquephysique to user space and the other three led to a condition of using a physical page after it was released ».
Manufacturers still haven’t integrated the fixes
The SoCSoC Samsung Exynos are affected, as well as Google Tensor, MediaTek, and HiSilicon Kirin. The flaws affect many brands, including Google, Xiaomi, Oppo, and Samsung (excluding Galaxy S22). Note that the Qualcomm Snapdragon SoCs use the graphics processorsgraphics processors Adreno and are therefore not affected.
The researchers reported the flaws to ARM, which released graphics driver patches in July and August. However, it is the manufacturers who must then include this new version in an update. After several months, none of the test devices at Project Zero have received a patch. This includes Pixels, while Google is responsible for the development ofAndroidAndroid. At present, users of affected devices can only wait to install any update as soon as it becomes available.
