Ho processor ea litšoantšo ea Qmage e fanoeng ho Samsung Android firmware, e hahiloeng ka har'a sistimi ea ho fana ka litšoantšo tsa Skia,
Ho lumeloa hore bothata bo bile teng ho tloha 2014, ho qala ka firmware e thehiloeng ho Android 4.4.4, e ileng ea eketsa liphetoho ho sebetsana le liforomo tse eketsehileng tsa litšoantšo tsa QM, QG, ASTC le PIO (PNG variant). Kotsi
Bothata bo ile ba bonoa nakong ea tlhahlobo ea fuzz ke moenjiniere oa Google, ea ileng a paka hore ts'oaetso ha e felle feela ho likotsi mme a hlophisa mohlala o sebetsang oa ts'ebetso e fetang ts'ireletso ea ASLR le ho qala sebali ka ho romella letoto la melaetsa ea MMS ho Samsung. Galaxy Note 10+ smartphone e sebelisang sethala sa Android 10.
Mohlala o bontšitsoeng, tlhekefetso e atlehileng e ile ea hloka metsotso e ka bang 100 ho hlasela le ho romela melaetsa e fetang 120. Ts'ebetso ena e na le likarolo tse peli - mohatong oa pele, ho feta ASLR, aterese ea mantlha e khethoa lilaebraring tsa libskia.so le libhwui.so, mme mothating oa bobeli, phihlello ea sesebelisoa e hole e fanoa ka ho qala "reverse. khetla”. Ho ipapisitse le sebopeho sa memori, ho tseba aterese ea mantlha ho hloka ho romella ho tloha ho 75 ho isa ho 450 melaetsa.
Ho phaella moo, e ka hlokomeloa
- CVE-2020-0096 ke ts'oaetso ea lehae e lumellang ts'ebetso ea khoutu ha o sebetsana le faele e etselitsoeng ka ho khetheha);
- CVE-2020-0103 ke ts'oaetso e hole ho sistimi e lumellang ts'ebetso ea khoutu ha e sebetsana le data e etselitsoeng ka ntle ka ho khetheha);
- CVE-2020-3641 ke tlokotsi ea likarolo tsa thepa ea Qualcomm).
Source: opennet.ru