Warning! Over 900 Million Android Phones Vulnerable to New ‘QuadRooter’ Attack

Android has Fallen! Yet another set of Android security vulnerabilities has been discovered in Qualcomm chipsets that affect more than 900 Million Android smartphones and tablets worldwide.

What’s even worse: Most of those affected Android devices will probably never be patched.

Dubbed "

Quadrooter

," the set of four vulnerabilities discovered in devices running Android Marshmallow and earlier that ship with Qualcomm chip could allow an attacker to gain root-level access to any Qualcomm device.

The chip, according to the latest statistics, is found in more than 900 Million Android tablets and smartphones.

That’s a very big number.

The vulnerabilities have been disclosed by a team of

Check Point

researchers at the DEF CON 24 security conference in Las Vegas.

List of Quadrooter Vulnerabilities

The four security vulnerabilities are:

  1. CVE-2016-2503 discovered in Qualcomm’s GPU driver and fixed in Google’s Android Security Bulletin for July 2016.
  2. CVE-2016-2504 found in Qualcomm GPU driver and fixed in Google’s Android Security Bulletin for August 2016.
  3. CVE-2016-2059 found in Qualcomm kernel module and fixed in April, though patch status is unknown.
  4. CVE-2016-5340 presented in Qualcomm GPU driver and fixed, but patch status unknown.

Qualcomm is the world’s leading designer of LTE (

Long Term Evolution

) chipsets with a 65% share of the LTE modem baseband market. If any one of the four flaws is exploited, an attacker can trigger privilege escalations for gaining root access to an affected device.

All an attacker needs is to write a piece of malware and send it to the victim. When installed, the malware offers the attacker privilege escalation on the affected devices.

According to the researchers, the attack can also be conducted through a malicious app. An attacker needs to trick a user into installing a malicious app that, unlike other malware, would execute without requiring any special permission checks.

"Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing," Check Point researchers write in a blog post.

If any of the four vulnerabilities are successfully exploited, an attacker could gain root access to an affected device, giving the attacker full access to the device, including its data, camera and microphone.

List of Affected Devices

More than 900 Million Android devices that ship with Qualcomm chip are vulnerable to the flaws.

Here’s the list of some of the popular affected devices, though there are far more devices that are impacted by one or more Quadrooter vulnerabilities.

  • Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra
  • OnePlus One, OnePlus 2 and OnePlus 3
  • Google Nexus 5X, Nexus 6 and Nexus 6P
  • Blackphone 1 and Blackphone 2
  • HTC One, HTC M9 and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • BlackBerry Priv

Check if Your Device is Vulnerable

You can check if your smartphone or tablet is vulnerable to Quadrooter attack using

Check Point’s free app

.

Since the vulnerable software drivers, which control communication between Qualcomm chipset components, come pre-installed on these devices at the time of manufacturing, they can only be fixed by installing a patch from the devices’ distributors or carriers after receiving fixed driver packs from Qualcomm.

"This situation highlights the inherent risks in the Android security model," the researchers say. "Critical security updates must pass through the entire supply chain before they can be made available to end users."

Three of the four vulnerabilities have already been fixed in Google’s latest set of

monthly security updates

, and a patch for the remaining flaw will be rolled out in the upcoming September update.

Since Qualcomm has already released the code, the phone manufacturers could be able to issue patches to the individual devices as soon as possible.

Android Nexus devices are already patched via the over-the-air updates, but other smartphone models will need to wait until their lazy phone manufacturers integrate the fixes into their own custom Android ROMs.

from The Hacker News http://ift.tt/2aTA2KR

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s