MuQualcomm's isina waya chip stack kusakwana katatu kunoratidzwa pasi pezita rekodhi "QualPwn". Nyaya yekutanga (CVE-2019-10539) inobvumira zvishandiso zveAroid kuti zvirwiswe kure kuburikidza neWi-Fi. Dambudziko rechipiri riripo mune yemuridzi firmware ine Qualcomm isina waya stack uye inobvumira kupinda kune baseband modem (CVE-2019-10540). Dambudziko rechitatu mune icnss mutyairi (CVE-2019-10538) uye inoita kuti zvikwanise kuzadzisa kodhi yayo padanho re kernel yeAroid platform. Kana musanganiswa wekusagadzikana uku ukashandiswa zvinobudirira, anorwisa anogona kure kure nekudzora mudziyo wemushandisi pane Wi-Fi inoshanda (kurwiswa kunoda kuti munhu akabatwa neanorwisa vabatanidzwe kune imwechete waya isina waya).
Kugona kurwisa kwakaratidzwa kuGoogle Pixel2 uye Pixel3 smartphones. Vatsvagiri vanofungidzira kuti dambudziko rinogona kukanganisa zvinodarika zviuru mazana masere nemakumi matatu nezvishanu zvemidziyo zvichibva paQualcomm Snapdragon 835 SoC uye machipisi matsva (kutanga neiyo Snapdragon 835, iyo WLAN firmware yakasanganiswa nemodem subsystem uye yakamhanya seyakazvimiririra application munzvimbo yemushandisi). By Qualcomm, dambudziko rinokanganisa akati wandei machipisi akasiyana.
Parizvino, chete ruzivo rwakakwana nezve kusasimba ruripo, uye ruzivo zvicharatidzwa muna Nyamavhuvhu 8 pamusangano weBlack Hat. Qualcomm neGoogle vakaziviswa nezvematambudziko munaKurume uye vakatoburitsa zvigadziriso (Qualcomm yakaziviswa nezvematambudziko ari , uye Google yakagadzirisa kusasimba mukati Android platform update). Vese vashandisi vemidziyo yakavakirwa paQualcomm chips vanokurudzirwa kuisa iyo iripo inogadziridza.
Pamusoro penyaya dzine chekuita neQualcomm chips, iyo Nyamavhuvhu yekuvandudza kuAndroid chikuva zvakare inobvisa njodzi yakakosha (CVE-2019-11516) muBroadcom Bluetooth stack, iyo inobvumira anorwisa kuti aite kodhi yavo mumamiriro ezvinhu akasarudzika. kutumira chikumbiro chekufambisa data chakagadzirwa. Kusagadzikana (CVE-2019-2130) kwakagadziriswa mu Android system zvikamu izvo zvinogona kubvumira kodhi kuurayiwa neropafadzo dzakakwirira kana uchigadzira akagadzirwa akagadzirwa PAC mafaera.
Source: opennet.ru