New deals, Galaxy S25 edge, S25 Ultra, Watch Ultra, and Bespoke AI Jet Ultra!
Reading time: 2 minutes
In essence, these vulnerabilities could allow an attacker to continue to read and write physical pages after they had been returned to the system. Or in other words, an attacker with native code execution in an app could gain full access to the system and bypass the permission model in Android OS. (via Google Project Zero)
These security flaws discovered by Project Zero were brought to ARM's attention in June and July. ARM fixed these Mali-related security flaws a month later, but as of this writing, no smartphone vendors have applied security patches to address these vulnerabilities.
The Mali GPU from ARM can be found in smartphones across different brands, including Samsung, Xiaomi, and Oppo. In fact, the exploit was originally discovered as it was targeting the Pixel 6. Google hasn't patched this vulnerability either, despite Project Zero's efforts to bring the problem to light.
This vulnerability doesn't concern Samsung devices powered by Snapdragon or the Galaxy S22 series. Yes, the latter has an Exynos chipset in some markets, but it uses an Xclipse 920 graphics chip rather than a Mali GPU.
Mihai is a blogger and column writer at SamMobile. His first Samsung phone was an A800 which took a lot of beating, and a part of him still misses the novelty of the clamshell design. In his free time, he enjoys watching shows, documentaries, and stand-up comedy; listening to music, taking walks, and occasionally playing old(er) video games.
Trending
We'd like to show you notifications for the latest important news and updates