Adreno GPUs are widely used across several Snapdragon SoCs, offering advanced rendering capabilities for mobile phones and laptops. Models like the Snapdragon X Elite feature the high-performance Adreno X1 GPU, placing it in direct competition with iGPUs from Intel and AMD.
Google researchers have uncovered over nine vulnerabilities in Qualcomm’s Adreno GPU, an integrated graphics processing unit of Qualcomm’s Snapdragon processors. Because the GPU has kernel privileges, the security vulnerabilities pose a major risk since they might allow hackers to gain full control of a device.
The research focused on GPU drivers because untrusted apps can access them without additional permissions, making them good targets for hackers. These drivers’ inherent complexity and deep integration with OS further increase their susceptibility to security issues.
Also Read: OnePlus Buds Pro 3 India Price, Specs Leaked Ahead Of Launch
Qualcomm Already Pushing Patches For Loopholes
Xuan Xing, the manager of Google's Android Red Team, told Wired that their team is small relative to the expansive Android exosystem, so they need to focus on the areas where they can make the most significant impact. Attackers are increasingly exploiting vulnerabilities, such as those seen in Qualcomm’s Adreno and Arm’s Mali. These flaws lead to unauthorized access to data stored in GPU memory, posing significant risks given the widespread use of these components in devices like Android smartphones and tablets.
Qualcomm has already patched the holes Google found, but users should still be wary of such issues. Auto-updating features are usually slower compared to manual installation of updates, plus there is a slight delay between manufacturer patches and operating system updates. Android users should check for and install them sooner rather than later, especially since attackers were reportedly exploiting some of these vulnerabilities in the wild in a limited and targeted manner.
The discovery of these vulnerabilities underscores a growing need to focus on the security of mobile GPUs. Much of the attention has historically been on high-end PC and server processors. However, Adreno’s flaws highlight that mobile GPUs also present significant security risks that OEMs must address.
Also Read: OpenAI Warns Users Of Getting Attached To ChatGPT Voice Mode
Indian Govt Issues Serious Warning For Google Chrome Users
Computer Emergency Response Team (CERT-In), the cyber security watchdog under the Ministry of Electronics and Information Technology (MeitY), has warned Google Chrome users. The warning is specifically for people using Windows, Mac, and Linux operating systems.
As per CERT-In’s warning, Google Chrome for desktops has been found to have multiple vulnerabilities that could be exploited by a remote attacker to execute arbitrary code on the user’s system.
The cybersecurity agency said that these issues exist in the browser for a number of reasons, including initialized and insufficient data usage in the dawn and out-of-bounds read in WebTransport.