Vulnerabilities in the firmware of MediaTek DSP chips used in many smartphones

Researchers from Check Point have disclosed three vulnerabilities (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663) in the firmware of MediaTek DSP chips, as well as a vulnerability in the MediaTek Audio HAL audio processing layer (CVE-2021-0673). If the vulnerabilities are successfully exploited, an attacker can eavesdrop on a user from an unprivileged application for the Android platform.

In 2021, MediaTek accounts for approximately 37% of shipments of specialized chips for smartphones and SoCs (according to other data, in the second quarter of 2021 MediaTek's share among manufacturers of DSP chips for smartphones was 43%). MediaTek DSP chips are also used in smartphones from Xiaomi, Oppo, Realme and Vivo. MediaTek chips, based on a microprocessor with the Tensilica Xtensa architecture, are used in smartphones for operations such as audio, image and video processing, for computation in augmented reality systems, computer vision and machine learning, and for implementing fast charging.

In the course of examining the firmware for MediaTek DSP chips, which is based on the FreeRTOS platform, several ways were identified to execute code on the firmware side and gain control over operations in the DSP by sending specially crafted requests from unprivileged applications for the Android platform. Working examples of the attacks were demonstrated on a Xiaomi Redmi Note 9 5G smartphone equipped with the MediaTek MT6853 (Dimensity 800U) SoC. It is noted that OEMs have already received fixes for the vulnerabilities in the October MediaTek firmware update.

Attacks that become possible by executing code at the firmware level of the DSP chip include:

  • Privilege escalation and security bypass: covertly capturing data such as photos, videos, call recordings, phone data, GPS data, and so on.
  • Denial of service and malicious actions: blocking access to information, disabling overheating protection during fast charging.
  • Hiding malicious activity: creating malicious components that run at the firmware level and can be neither seen nor removed.
  • Attaching tags to track a user, for example adding covert tags to an image or video in order to determine whether posted data is linked to the user.

Details of the vulnerability in the MediaTek Audio HAL have not yet been disclosed, but the other three vulnerabilities in the DSP firmware are caused by incorrect bounds checking when processing IPI (Inter-Processor Interrupt) messages sent by the audio_ipi audio driver to the DSP. These issues make it possible to cause a controlled buffer overflow in handlers provided by the firmware, which took the size of the transferred data from a field inside the IPI packet without checking it against the actual size of the data located in shared memory.
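The missing check described above, shown as a hardened copy routine. This is an added example, not MediaTek's firmware code: the `ipi_msg` layout, the function `ipi_copy_payload` and the error codes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical IPI message layout, constructed for this example only. */
struct ipi_msg {
    uint16_t task_id;
    uint16_t msg_id;
    uint32_t payload_len;   /* length claimed by the sender (untrusted) */
    uint8_t  payload[256];
};

#define IPI_HDR_SIZE offsetof(struct ipi_msg, payload)

enum {
    IPI_ERR_BAD_SIZE     = -1,  /* null pointer or impossible received size */
    IPI_ERR_LEN_MISMATCH = -2,  /* claimed length exceeds bytes received */
    IPI_ERR_TOO_LARGE    = -3   /* claimed length exceeds destination buffer */
};

/*
 * Copy the payload of a received message into a handler buffer.
 * rx_size is the byte count reported by the transport for the data that
 * was actually placed in shared memory, not a value taken from the packet.
 * Returns the number of bytes copied, or a negative IPI_ERR_* code.
 */
int ipi_copy_payload(const struct ipi_msg *msg, size_t rx_size,
                     uint8_t *dst, size_t dst_cap)
{
    if (msg == NULL || dst == NULL)
        return IPI_ERR_BAD_SIZE;
    if (rx_size < IPI_HDR_SIZE || rx_size > sizeof(*msg))
        return IPI_ERR_BAD_SIZE;

    /* Snapshot the length field so both checks and the copy use one value. */
    uint32_t len = msg->payload_len;

    if (len > rx_size - IPI_HDR_SIZE)   /* field vs. actual received size */
        return IPI_ERR_LEN_MISMATCH;
    if (len > dst_cap)                  /* field vs. destination capacity */
        return IPI_ERR_TOO_LARGE;

    memcpy(dst, msg->payload, len);
    return (int)len;
}
```

A handler that skips either comparison and passes the packet's length field straight to `memcpy` has the overflow pattern the paragraph describes.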

To reach the driver during the experiments, direct ioctl calls or the /vendor/lib/hw/audio.primary.mt6853.so library were used, neither of which is available to ordinary Android applications. However, the researchers found a workaround for sending commands, based on the use of options available to third-party applications. These parameters can be changed by calling the AudioManager Android service to attack the MediaTek Aurisys HAL libraries (libfvaudio.so), which provide the calls for interacting with the DSP. To block this workaround, MediaTek has removed the ability to use the PARAM_FILE command via AudioManager.

Source: opennet.ru
