Security News > 2022 > November > Mali GPU ‘patch gap’ leaves Android users vulnerable to attacks
A set of five exploitable vulnerabilities in Arm's Mali GPU driver remain unfixed months after the chip maker patched them, leaving potentially millions of Android devices exposed to attacks.
The vulnerability impacts Arm Mali GPU kernel drivers Valhall r29p0 to r38p0.
While the severity score of the issues is medium, they are exploitable and impact a wide number of Android devices.
Mali GPU drivers are used by system-on-a-chip circuits from vendors such as MediaTek, HiSilicon Kirin, and Exyno, which power most Android devices on the market.
At the moment, the fix from Arm has not reached OEM partners and is being tested for Android and Pixel devices.
In a few weeks, Android will be delivering the patch to its partners, who are reponsible for implementing the fix.