Post Syndicated from corbet original http://lwn.net/Articles/696662/rss
Check Point has discovered four local-root vulnerabilities in
Qualcomm-based Android devices and is hyping the result as “QuadRooter“.
“QuadRooter is a set of four vulnerabilities affecting Android
devices built using Qualcomm chipsets. Qualcomm is the world’s leading
designer of LTE chipsets with a 65% share of the LTE modem baseband
market. If any one of the four vulnerabilities is exploited, an attacker
can trigger privilege escalations for the purpose of gaining root access to
a device.” Actually getting the report requires registration. All
four vulnerabilities are in Android-specific code; three of them are in
out-of-tree modules (kgsl and ipc_router); the fourth is
in the “ashmem” code in the staging tree.