Qualcomm Snapdragon SoCs Found to be Insecure - Multiple Security Issues

[drmike]

So the ever popular phone chip and iOT chip is insecure.  If you are using said chips, contact vendor for update (if they even provide one).


CVE-2016-0819

We discovered this particular vulnerability, which is described as a logic bug when an object within the kernel is freed. A node is deleted twice before it is freed. This causes an information leakage and a Use After Free issue in Android. (UAF issues are well-known for being at the heart of exploits, particularly in Internet Explorer.)

CVE-2016-0805

This particular vulnerability lies in the function get_krait_evtinfo. (Krait refers to the processor core used by several Snapdragon processors). The function returns an index for an array; however, the validation of the inputs of this function are not sufficient. As a result, when the array krait_functions is accessed by the functions krait_clearpmu and krait_evt_setup, an out-of-bounds access results. This can be useful as part of a multiple exploit attack.



sourced from: http://blog.trendmicro.com/trendlabs-security-intelligence/android-vulnerabilities-allow-easy-root-access/

 

[willie]

This sounds like a garden variety software bug, not a chip bug that's baked into the silicon.  Title makes issue sound harder to fix than it is.