Security News > 2022 > November > Mali GPU ‘patch gap’ leaves Android users vulnerable to attacks
A set of five exploitable vulnerabilities in Arm's Mali GPU driver remain unfixed months after the chip maker patched them, leaving potentially millions of Android devices exposed to attacks.
The vulnerability impacts Arm Mali GPU kernel drivers Valhall r29p0 to r38p0.
While the severity score of the issues is medium, they are exploitable and impact a wide number of Android devices.
Mali GPU drivers are used by system-on-a-chip circuits from vendors such as MediaTek, HiSilicon Kirin, and Exyno, which power most Android devices on the market.
At the moment, the fix from Arm has not reached OEM partners and is being tested for Android and Pixel devices.
In a few weeks, Android will be delivering the patch to its partners, who are reponsible for implementing the fix.
News URL
Related news
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)