Qualcomm Snapdragon SoCs Found to be Insecure - Multiple Security Issues


100% Tier-1 Gogent
So the ever-popular phone and IoT chip is insecure.  If you are using said chips, contact the vendor for an update (if they even provide one).


We discovered this particular vulnerability, which is described as a logic bug when an object within the kernel is freed. A node is deleted twice before it is freed. This causes an information leak and a use-after-free (UAF) issue in Android. (UAF issues are well known for being at the heart of exploits, particularly in Internet Explorer.)


This particular vulnerability lies in the function get_krait_evtinfo. (Krait refers to the processor core used by several Snapdragon processors.) The function returns an index for an array; however, the validation of the inputs of this function is not sufficient. As a result, when the array krait_functions is accessed by the functions krait_clearpmu and krait_evt_setup, an out-of-bounds access results. This can be useful as part of a multiple-exploit attack.

sourced from:
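The two bug patterns the quoted excerpt describes (an index derived from insufficiently validated input used to reach into a handler table, and a list node that is unlinked twice) are reconstructed below as an added C example. This is illustrative code written for this thread, not the Qualcomm driver code or the article's own code: the event-code field layout, the table size, and every name here (evtinfo_unchecked, evtinfo_checked, evt_setup_checked, list_del_stale, list_del_once, scenario) are assumptions chosen to show the shape of the bug beside a guarded version.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* ---- Pattern 1: an array index derived from an untrusted event code ----
 * Hypothetical encoding (an assumption, not the real Krait layout):
 *   bits 0..7 = event code, bits 8..11 = counter group. Only 4 groups exist. */
#define EVT_TABLE_SIZE 4
#define EVT_MAX_CODE   0x3f

struct evt_ops {
    unsigned int id;
    int (*setup)(unsigned int id, unsigned int code);
};

/* Stand-in for programming a hardware counter; returns a value the test can check. */
static int setup_generic(unsigned int id, unsigned int code)
{
    return (int)((id << 8) | code);
}

static const struct evt_ops evt_table[EVT_TABLE_SIZE] = {
    { 0, setup_generic }, { 1, setup_generic },
    { 2, setup_generic }, { 3, setup_generic },
};

/* Vulnerable shape: the 4-bit group field is trusted as-is, so groups 4..15
 * produce an index past the end of evt_table (out-of-bounds access at the caller). */
static int evtinfo_unchecked(unsigned int evt)
{
    return (int)((evt >> 8) & 0xf);
}

/* Hardened shape: every field is range-checked before it becomes an index. */
static int evtinfo_checked(unsigned int evt)
{
    unsigned int group = (evt >> 8) & 0xf;
    unsigned int code  = evt & 0xff;
    if (group >= EVT_TABLE_SIZE || code > EVT_MAX_CODE)
        return -EINVAL;
    return (int)group;
}

static int evt_setup_checked(unsigned int evt)
{
    int idx = evtinfo_checked(evt);
    if (idx < 0)
        return idx;                       /* never touches the table on bad input */
    return evt_table[idx].setup(evt_table[idx].id, evt & 0xff);
}

/* ---- Pattern 2: a doubly-linked list node unlinked twice ---- */
struct node {
    struct node *prev, *next;
    int id;
};

static void list_init(struct node *head) { head->prev = head->next = head; }

static void list_add_after(struct node *pos, struct node *n)
{
    n->prev = pos;
    n->next = pos->next;
    pos->next->prev = n;
    pos->next = n;
}

/* Vulnerable shape: unlink but leave the node's own links pointing at its old
 * neighbours. A second call rewrites those neighbours through stale pointers. */
static void list_del_stale(struct node *n)
{
    n->prev->next = n->next;
    n->next->prev = n->prev;
}

/* Hardened shape: refuse to unlink a node that is no longer on a list, and clear
 * its links so nothing can be reached through the node once it is freed. */
static int list_del_once(struct node *n)
{
    if (n->prev == NULL || n->next == NULL)
        return -EINVAL;
    n->prev->next = n->next;
    n->next->prev = n->prev;
    n->prev = n->next = NULL;
    return 0;
}

static int list_count(const struct node *head)
{
    int count = 0;
    for (const struct node *p = head->next; p != head; p = p->next)
        count++;
    return count;
}

/* Constructed scenario: A<->B<->C, delete B, insert D after A, delete B again.
 * Returns how many nodes remain reachable from the head. */
static int scenario(int hardened)
{
    struct node head, a = { 0 }, b = { 0 }, c = { 0 }, d = { 0 };
    a.id = 1; b.id = 2; c.id = 3; d.id = 4;
    list_init(&head);
    list_add_after(&head, &a);
    list_add_after(&a, &b);
    list_add_after(&b, &c);
    if (hardened) list_del_once(&b); else list_del_stale(&b);
    list_add_after(&a, &d);               /* list changes between the two deletes */
    if (hardened) list_del_once(&b); else list_del_stale(&b);   /* the double delete */
    return list_count(&head);             /* stale: D silently dropped; hardened: 3 */
}

int main(void)
{
    printf("index for 0x0a05: unchecked=%d checked=%d (table size %d)\n",
           evtinfo_unchecked(0x0a05), evtinfo_checked(0x0a05), EVT_TABLE_SIZE);
    printf("nodes left after double delete: stale=%d hardened=%d\n",
           scenario(0), scenario(1));
    return 0;
}
```

The list half shows why a double unlink is dangerous even before any free: the second delete writes the node's stale neighbour pointers back into the list and drops whatever was inserted in between, leaving a node the list no longer owns. If that node (or B itself) is then freed while another path still holds it, the reads and writes through it are the information leak and use-after-free the excerpt describes.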


Active Member
This sounds like a garden-variety software bug, not a chip bug that's baked into the silicon.  The title makes the issue sound harder to fix than it is.