Last November, a massive security flaw was discovered in the Mali graphics chip, affecting millions of Samsung smartphones running on Exynos chipsets. Since then, the vulnerability has become part of a chain that hackers have successfully exploited to lead unsuspecting Samsung Internet browser users to malicious websites. And while that chain has been broken, the security flaw in Mali continues to affect nearly every device Galaxy with Exynos, except for the series Galaxy S22, which uses the Xclipse 920 GPU.
Google's Threat Analysis Group (TAG), a cyber threat analysis team, discovered this chain of exploits targeting Chrome and Samsung browsers yesterday. He discovered it three months ago.
Gallery
Specifically, Chrome is affected by two vulnerabilities in this chain. And since Samsung's browser uses the Chromium engine, it was used as an attack vector in conjunction with the Mali GPU kernel driver vulnerability. This exploit gives attackers access to the system.
Through this chain of exploits, hackers could use SMS messages on the device Galaxy located in the United Arab Emirates to send one-time links. These links would redirect unsuspecting users to a page that would provide a “fully functional spyware suite for Android written in C++ that includes libraries for decrypting and capturing data from various chat and browser applications".
What is the current situation? Google patched these two mentioned vulnerabilities on Pixel phones earlier this year. Samsung patched its Internet browser last December, breaking a chain of exploits using its Chromium-based Internet application and the Mali kernel vulnerability, and attacks on users in the United Arab Emirates appear to have stopped. However, one glaring problem remains.
You could be interested in
While the chain of exploits detailed by the TAG team has been fixed by Samsung's December browser updates, one link in the chain, which involves a serious security flaw in Mali (CVE-2022-22706), remains unpatched on Samsung devices with Exynos chipsets and Mali GPUs. And this despite the fact that Mali chip maker ARM Holdings already released a fix for this bug in January of last year.
Until Samsung fixes this issue, most devices Galaxy with Exynos, it will still be vulnerable to abuse of the Mali kernel driver. We can thus hope that Samsung will release the relevant patch as soon as possible (it is suggested that it could be part of the April security update).
So when I see those articles copied from Sammobile and only translated, I don't even have to come here.