Hackers Exploit GPU Vulnerabilities to Take Complete Control of Your Device
![Hackers Exploit GPU Vulnerabilities to Take Complete Control of Your Device](https://i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC-npIMrQryjJYqeQ1oaz-mwuiG6JH47uF_KTa_CySY0CIKC2mR5lbF-lIEqrp230jmbaX9SOTfa8Vb9cQvzJp_yqA4VpB1-Ib070BN3WKJkjIDlIsZkOUvPVfdKyXi9_qrdFoTXiIqyz2CIIhXj9lANe1knRdXa4Ny2zgdsmxciYYJ5kFOjVy320i_tKb/s16000/Hackers Exploit GPU Vulnerabilities to Take Complete Control of Your Device.webp?#)
Significant vulnerabilities in GPU drivers, particularly those affecting ARM Mali GPUs, have been found to enable hackers to gain complete control over devices.
These vulnerabilities, identified as CVE-2022-22706 and CVE-2021-39793, are flaws in the Mali GPU Kernel Driver, which is widely used in Android devices.
If left unpatched, these security gaps allow unprivileged apps to escalate their privileges, potentially compromising sensitive data and system integrity.
The root of the issue lies in the Mali GPU Kernel Driver used by devices from popular brands like Samsung, Xiaomi, and Google Pixel.
These vulnerabilities allow non-privileged users to write to memory pages that are designated as read-only—a fundamental breach of system security.
Exploiting GPU Vulnerabilities
STAR Labs reports that the vulnerabilities stem from improper permission checks in the function kbase_jd_user_buf_pin_pages() within the Mali GPU kernel driver.
This function is responsible for managing how the GPU accesses memory buffers. However, a logic flaw allows malicious applications to bypass security checks and gain write access to read-only memory pages.
By exploiting this flaw, attackers can inject malicious code into privileged processes like init, enabling them to escalate privileges and execute arbitrary code.
Initially, the attacker allocates a read-write memory page. Using a logic flaw in the driver, the attacker gains unintended write access.
Further, the attacker maps and unmaps memory regions to create a scenario where read-only pages appear writable.
By submitting GPU jobs that exploit the vulnerable function kbase_jd_user_buf_pin_pages(), attackers can modify memory pages that should be immutable.
This capability allows attackers to inject payloads into critical system libraries or processes, such as init, ultimately gaining root access.
The implications are severe:
- Attackers can bypass SELinux policies by injecting malicious kernel modules.
- Sensitive files and processes can be manipulated or hijacked.
- Devices become vulnerable to spyware and other forms of malware.
For instance, attackers could use this vulnerability to establish a root reverse shell—effectively granting them unrestricted control over the device.
Ensure Mali GPU drivers are updated to patched versions and regularly update your device with the latest Android security patches.
GPU vulnerabilities like CVE-2022-22706 and CVE-2021-39793 highlight the critical need for robust security practices. As hackers increasingly target low-level hardware components like GPUs, both users and manufacturers must remain vigilant.
For users, staying updated with patches is imperative; for manufacturers, thorough root-cause analysis and proactive security measures are essential to safeguard millions of devices worldwide.
The post Hackers Exploit GPU Vulnerabilities to Take Complete Control of Your Device appeared first on Cyber Security News.