ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Vulnerability nyob rau hauv Qualcomm chips uas tso cai rau tawm tsam ib tug Android ntaus ntawv ntawm Wi-Fi

Vulnerability nyob rau hauv Qualcomm chips uas tso cai rau tawm tsam ib tug Android ntaus ntawv ntawm Wi-Fi

Hauv Qualcomm's wireless chip pawg txheeb xyuas peb qhov tsis zoo uas tau nthuav tawm hauv qab lub npe "QualPwn". Thawj qhov teeb meem (CVE-2019-10539) tso cai rau cov khoom siv hauv Android raug tawm tsam los ntawm Wi-nkaus. Qhov teeb meem thib ob yog tam sim no nyob rau hauv tus tswv firmware nrog Qualcomm wireless pawg thiab tso cai rau kev nkag mus rau hauv baseband modem (CVE-2019-10540). Qhov teeb meem thib peb tam sim no nyob rau hauv tus tsav tsheb icnss (CVE-2019-10538) thiab ua kom nws muaj peev xwm ua tiav kev ua tiav ntawm nws cov cai ntawm qib kernel ntawm Android platform. Yog tias kev sib xyaw ua ke ntawm cov kev tsis zoo no tau ua tiav tiav, tus neeg tawm tsam tuaj yeem tau txais kev tswj hwm ntawm tus neeg siv lub cuab yeej uas Wi-nkaus ua haujlwm (qhov kev tawm tsam xav kom tus neeg raug tsim txom thiab tus neeg tawm tsam txuas nrog tib lub wireless network).

Lub peev xwm tawm tsam tau tshwm sim rau Google Pixel2 thiab Pixel3 smartphones. Cov kws tshawb fawb kwv yees tias qhov teeb meem muaj feem cuam tshuam rau ntau dua 835 txhiab cov khoom siv raws li Qualcomm Snapdragon 835 SoC thiab cov chips tshiab dua (pib nrog Snapdragon 835, WLAN firmware tau koom ua ke nrog lub modem subsystem thiab khiav raws li daim ntawv thov cais hauv cov neeg siv chaw). Los ntawm muab Qualcomm, qhov teeb meem cuam tshuam rau ntau lub kaum os sib txawv chips.

Tam sim no, tsuas yog cov ntaub ntawv dav dav txog qhov tsis muaj peev xwm muaj, thiab cov ntsiab lus npaj ua ntej yuav tsum tau nthuav tawm thaum Lub Yim Hli 8 ntawm lub rooj sib tham Black Hat. Qualcomm thiab Google tau ceeb toom txog cov teeb meem hauv lub Peb Hlis thiab tau tshaj tawm cov kev kho (Qualcomm qhia txog cov teeb meem hauv Lub rau hli ntuj, thiab Google tau kho qhov tsis zoo hauv Lub yim hli ntuj Android platform hloov tshiab). Txhua tus neeg siv ntawm cov khoom siv raws li Qualcomm chips raug pom zoo los nruab qhov hloov tshiab muaj.

Ntxiv rau cov teeb meem cuam tshuam nrog Qualcomm chips, lub Yim Hli hloov tshiab rau Android platform kuj tshem tawm qhov tsis txaus ntseeg tseem ceeb (CVE-2019-11516) hauv Broadcom Bluetooth pawg, uas tso cai rau tus neeg tawm tsam los tua lawv cov cai hauv cov ntsiab lus ntawm cov txheej txheem tsim nyog los ntawm xa ib qho tshwj xeeb crafted cov ntaub ntawv xa mus thov. Qhov tsis zoo (CVE-2019-2130) tau raug daws nyob rau hauv Android system Cheebtsam uas tuaj yeem tso cai rau kev ua tiav nrog cov cai tshwj xeeb thaum ua cov ntaub ntawv PAC tshwj xeeb.

Tau qhov twg los: opennet.ru

Ntxiv ib saib