Pierluigi Paganini August 09, 2016

Experts from Checkpoint have found four major vulnerabilities dubbed Quadrooter in Qualcomm chips that expose more than 900M Android users to hack.

Security experts from the security firm Checkpoint have found four major vulnerabilities, dubbed Quadrooter, in the firmware running on the in the Qualcomm chips that equip modern Android devices. The Quadrooter flaws could be exploited by hackers to “trigger privilege escalations for the purpose of gaining root access to a device,”

“Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets.” states the blog post published by Checkpoint.

“QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.”

More than 900 million users are vulnerable to a range of attacks, the attackers could use for example a malware which wouldn’t require special permissions to gain control over the mobile device.

Qualcomm chips are the core components of devices manufactured by major mobile vendors, it accounts for the 65 percent of the market.

• BlackBerry Priv
• Blackphone 1 and Blackphone 2
• Google Nexus 5X, Nexus 6, and Nexus 6P
• HTC One, HTC M9, and HTC 10
• LG G4, LG G5, and LG V10
• New Moto X by Motorola
• OnePlus One, OnePlus 2, and OnePlus 3
• Samsung Galaxy S7 and Samsung S7 Edge
• Sony Xperia Z Ultra

The four security vulnerabilities are:

1. CVE-2016-2503 affecting the Qualcomm’s GPU driver and fixed in Google’s Android Security Bulletin for July 2016.
2. CVE-2016-2504 affecting the Qualcomm GPU driver and fixed in Google’s Android Security Bulletin for August 2016.
3. CVE-2016-2059 affecting the Qualcomm kernel module and fixed in April.
4. CVE-2016-5340 affecting the Qualcomm GPU driver and already fixed.

The good news is that three on four vulnerabilities have already been patched, the remaining flaw will be rolled out in the upcoming September update. In cases like this one, the real problem is the time spent by handset manufacturers for releasing a patch. At the time I was writing only Google’s Nexus devices have already been patched by the company.

“Providing technologies that support robust security and privacy is a priority for Qualcomm Technologies. We were notified by the researcher about these vulnerabilities between February and April of this year, and made patches available for all four vulnerabilities to customers, partners, and the open-source community between April and July. The patches were also posted on CodeAurora. QTI continues to work proactively both internally as well as with security researchers to identify and address potential security vulnerabilities.”a Qualcomm spokesperson said.