News

Security firm reveals four vulnerabilities in all MediaTek socs

By admin
Spread the love

Check Point Research has discovered four vulnerabilities in drivers of all MediaTek stocks. The processor designer has since closed it. The security company discovered the vulnerabilities by reverse engineering parts of the firmware.

The leaks are in the dsp, the digital signal processor of all MediaTek-socs, Check Point reports. They turned out to be possible due to a flaw in the Hardware Abstraction Layer, or HAL, of the soc. Before debugging it was still possible to use the command ‘param_file’ to check audio settings by the manufacturer. MediaTek has fixed that vulnerability, CVE-2021-0673, by stopping ‘param_file’ from executing. For ethical reasons, Check Point does not provide full details of the attack.

The error in the HAL allowed the researchers to access the DSP. It runs on a modified version of FreeRTOS. That firmware is normally not available to end users, not even with root or via ‘adb shell’ commands. Then it turned out to be possible to overwrite the memory with random data, causing the drivers to crash. That happened in different ways. The processor designer has also closed those leaks.

MediaTek supplies socs for about 37 percent of new smartphones, making it the market leader for smartphone socs. Especially cheaper phones often have socs from the processor designer on board.

You might also like
News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory

News

Logitech acquires stream controller maker Loupedeck

News

‘AMD wants to sell Radeon RX 7700 and RX 7800 series from September’