High Risk Security Hole Discovered In Qualcomm's GPU Driver
Phoronix: High Risk Security Hole Discovered In Qualcomm's GPU Driver
Rob Clark, the developer employed by Red Hat who has near single-handedly been developing Freedreno as a reverse-engineered, open-source GPU driver for Qualcomm's Adreno graphics hardware, made a big discovery. Rob was playing around with the Amazon Fire TV that boasts a Qualcomm SoC and runs on the Qualcomm proprietary graphics driver when discovering a "high risk" security issue...
This is weird.
With the mali driver, it was all over the news.
But with the adreno driver... Only on phoronix...
Lol, these days if device owner can get root on his device, it called "vulnerability". I would call such terms "rather questionable".
Well, if you call any software running on your device owner, I just call that p0wned.
Originally Posted by 0xBADCODE
A device owner should get root on his device, through authentication and authorisation measures that are safe. The device owner should be able to decide what apps are allowed to do.
This vulnerability allows *any* app to do *anything* on the device owners device without the device owners consent.
And Samsung KNOX or selinux or whatever is not going to help against this.
It allows any unpriviliged application to bypass any security measures within the kernel because it is doing it through external means (the GPU).