「数据分析」eu-16-Donenfeld-Stumping-The-Mobile-Chipset-wp-技术分析.zip资源-CSDN文库

共1个文件

pdf：1个

版权申诉

企业安全

安全研究

illustrator

web安全

39 浏览量 2021-12-04 15:46:02 上传评论收藏 1009KB ZIP 举报

资源推荐

资源详情

资源评论

收起资源包目录

「数据分析」eu-16-Donenfeld-Stumping-The-Mobile-Chipset-wp - 技术分析.zip （1个子文件）

eu-16-Donenfeld-Stumping-The-Mobile-Chipset-wp.pdf 1.02MB

INTRODUCTION

The cloak-and-dagger of cybercrime makes for entertaining theater.

That’s especially true for sensational breaches often caused by malware

or other sophisticated attacks. Behind the drama though are some

inherent vulnerabilities making these attacks possible.

A myriad of device models, operating system versions, and unique

software modifications makes handling Android vulnerabilities a

challenge. The earlier these vulnerabilities are born in the supply chain,

the more difficult they are to fix.

Fixes require mind-bending coordination between suppliers,

manufacturers, carriers and users before patches make it from the

drawing board to installation. The fragmented world of Android leaves

many users exposed to risk, even with out-of-the-box devices.

In this report, the research team details four newly-discovered

vulnerabilities affecting over 900 million Android smartphones and

tablets. If exploited, each of these can give attackers complete control of

devices and access to sensitive personal and enterprise data on them.

QUADROOTER

QuadRooter is a set of four vulnerabilities affecting Android devices built

on Qualcomm® chipsets. The world’s leading designer of LTE chipsets,

Qualcomm owns a 65% share of the LTE modem baseband market.

ABI Research: https://www.abiresearch.com/press/abi-research-reports-qualcomm-maintains-clear-lead/

QUADROOTER

NEW VULNERABILITIES AFFECTING OVER 900 MILLION ANDROID DEVICES

by the Check Point Research Team

WHAT IS ROOTING?

Rooting enables administrative

control of a device and allows apps to

run privileged commands not usually

available on factory-configured

devices. An attacker can use these

commands to perform operations like

changing or removing system-level

files, deleting or adding apps, as well

as accessing hardware on the device,

including the touchscreen, camera,

microphone, and other sensors.

If any one of the four vulnerabilities is exploited, an attacker can

trigger privilege escalations and gain root access to a device.

An attacker can exploit these vulnerabilities

using a malicious app. These apps require no

special permissions to take advantage of these

vulnerabilities, alleviating any suspicion users

may have when installing.

The vulnerabilities are found in Qualcomm’s

software drivers that come with its chipsets.

The drivers, controlling communication

between chipset components, become

incorporated into Android builds

manufacturers develop for their devices.

Pre-installed on devices at the point of

manufacturing, these vulnerable drivers can

only be fixed by installing a patch from the

distributor or carrier. Distributors and carriers

can only issue patches after receiving fixed

driver packs from Qualcomm.

The research team provided Qualcomm with information about

the vulnerabilities in April 2016. The team then followed the

industry-standard disclosure policy (CERT/CC policy) of allowing

90 days for patches to be produced before disclosing these

vulnerabilities to the public.

Qualcomm reviewed these vulnerabilities, classified each as high

risk, and confirmed that it released patches to original equipment

manufacturers (OEMs).

This affects an estimated 900 million Android devices

manufactured by OEMs like Samsung, HTC, Motorola, LG and

more. In fact, some of the latest and most popular Android

devices found on the market today use the vulnerable Qualcomm

chipsets including:

 BlackBerry Priv

 Blackphone 1 and 2

 Google Nexus 5X, 6 and 6P

 HTC One M9 and HTC 10

 LG G4, G5, and V10

 New Moto X by Motorola

 OnePlus One, 2 and 3

 Samsung Galaxy S7 and S7 Edge

 Sony Xperia Z Ultra

Unique vulnerabilities affect four modules. Each vulnerability

impacts a device’s entire Android system:

 IPC Router (inter-process communication)

The ipc_router module provides inter-process communication

for various Qualcomm components, user mode processes, and

hardware drivers.

 Ashmem (Android kernel anonymous shared memory feature)

Android’s propriety memory allocation subsystem, Ashmem

enables processes to share memory buffers efficiently. Android

devices using Qualcomm chipsets use a modified ashmem

system, providing easy access to the subsystem API from the

GPU drivers.

 kgsl (kernel graphics support layer) &

kgsl_sync (kernel graphics support layer sync)

The Qualcomm GPU component kgsl is a kernel driver that

renders graphics by communicating with user-mode binaries.

While this driver includes many modules, kgsl_sync is the one

responsible for synchronization between the CPU and apps.

FRAGMENTATION

VISUALIZED

A number of factors

contribute to Android

fragmentation including

different Android builds

for different device

makers, models, carriers

and distributors.

WHY DOES THIS KEEP HAPPENING? THE SUPPLY CHAIN.

Suppliers, like chipset makers, provide the hardware and software modules needed to manufacture

smartphones and tables. Original equipment manufacturers (OEMs) combine these software modules,

Android builds from Google, and their own customizations to create a unique Android build for a

particular device. Distributors resell the devices, often including their own customizations and apps –

creating yet another unique Android build. When patches are required, they must flow through this supply

chain before making it onto an end user’s device. That process often takes weeks or even months.

In-market Android devices as of August 2015. (Source: OpenSignal)

CONSUMERS MAY BE LEFT UNPROTECTED

FOR LONG PERIODS OF TIME OR EVEN

INDEFINITELY, BY ANY DELAYS IN PATCHING

VULNERABILITIES ONCE THEY ARE DISCOVERED.

– Federal Communications Commission

RECOMMENDATIONS

Vulnerabilities like QuadRooter bring the unique challenge of securing

Android devices into focus:

 Fragmentation puts the responsibility of keeping Android devices and

their data safe into the hands of a complex supply chain.

 Making patches and security updates available is resource and time-

intensive – leaving users without protection while these are coded,

tested, accepted and distributed.

 In-market devices that cannot support the latest versions of Android

may not receive important security updates at all, leaving them

exposed to new vulnerabilities.

 End-users remain poorly informed by retailers and employers on the

risks of using mobile devices and networks, including the risks of

rooting, downloading apps from third-party sources, and using public

Wi-Fi® networks.

 These gaps not only put at risk the user’s personal information, but

also any sensitive enterprise information that may be on their device.

Stake holders throughout the Android supply chain continue to explore

comprehensive solutions that address these concerns. They are no doubt

motivated by the United States Federal Communications Commission

Federal Communications Commission: https://www.fcc.gov/document/fcc-launches-inquiry-mobile-device-

security-updates

“

评论收藏

内容反馈

版权申诉

科技方案

粉丝: 6
资源: 6458

「数据分析」eu-16-Donenfeld-Stumping-The-Mobile-Chipset-wp - 技术分析.zip

信息安全_数据安全_eu-16-Donenfeld-Stumping-The-Mob.pdf

BurpLoaderKeygen.jar.zip

最新版ISO/IEC 27001:2022、ISO 27002:2022中英文合集

Goby红队版-win-x64-2.4.7版本

Chrome Header Editor 插件

ISO SAE 21434-2021 中文版.pdf

OpenVAS GVM 中文翻译补丁

安全认证cisp教材全套

STM32F103C8T6核心板-电路原理图1.PDF

软件工程导论(第六版)课后习题答案1

goby红队&社区版-win-64-2.4.7

现代永磁同步电机控制原理及MATLAB仿真__袁雷编著1

OpenVAS离线资源

全面的安全基线核查清单

2023年最全最精简wifi密码字典(2.6G)

hackbar2.1.3-master安装包

CISP、NISP二级、CISE题库最新版（2024年1月更新）

Kali安装burpsuite专业版

UN R155 信息安全法规 中英文版

关于STM32F103C8T6芯片的一些重要引脚功能的整理1

LiqunKit-1.6.2

14.视觉SLAM十四讲(高翔第二版)1

Move-Certificates-v1.9.zip

jssecacerts

2021年11月更新的哥斯拉4.0.1 免费

Goby POC，1275个，自己在网络上收集的，基本是网上能找到的最全的了

2024最新：Hvv中常见的面试问题

Awvs工具的压缩包文件

最新资源

UN R155 信息安全法规中英文版