MunaNovember wapfuura, kukanganisa kukuru kwekuchengetedza kwakawanikwa muMali graphics chip, zvichikanganisa mamirioni eSamsung mafoni anomhanya paExynos chipsets. Kubva ipapo, kusazvibata kwave chikamu cheketani iyo hackers vakabudirira kushandisa kutungamira vasingafungidzirwe Samsung Internet browser vashandisi kumawebhusaiti ane hutsinye. Uye nepo cheni iyi yadamburwa, chikanganiso chekuchengetedza muMali chiri kuramba chichikanganisa mudziyo wese Galaxy neExynos, kunze kwekutevedzana Galaxy S22, inoshandisa iyo Xclipse 920 GPU.
Google's Threat Analysis Group (TAG), timu yekuongorora kutyisidzira kwe cyber, yakawana iyi chain yezviitiko zvakanangana neChrome uye Samsung mabhurawuza. nezuro. Akazviona mwedzi mitatu yapfuura.
Photogallery
Kunyanya, Chrome inobatwa nekusagadzikana kuviri mumaketani aya. Uye sezvo Samsung's browser inoshandisa iyo Chromium injini, yakashandiswa seyekurwisa vector yakabatana neMali GPU kernel driver kusagadzikana. Kubiridzira uku kunopa vanorwisa kupinda muhurongwa.
Kuburikidza neiyi ketani yezviitiko, matsotsi anogona kushandisa mameseji eSMS pamudziyo Galaxy iri muUnited Arab Emirates kutumira ma-link enguva imwe chete. Izvi zvinongedzo zvinotungamira vashandisi vasingafungire kune peji raizopa "inoshanda zvizere spyware suite ye Android yakanyorwa muC ++ iyo inosanganisira maraibhurari ekubvisa uye kutora data kubva kune akasiyana chat uye browser application".
Mamiriro akaita sei pari zvino? Google yakagadzirisa kusakwana uku kuviri kwakataurwa paPixel mafoni kutanga kwegore rino. Samsung yakabata bhurawuza rayo reInternet muna Zvita wapfuura, ichityora cheni yezviitiko ichishandisa yayo Chromium-yakavakirwa Internet application uye neMali kernel kusagadzikana, uye kurwiswa kwevashandisi muUnited Arab Emirates kunoratidzika kunge kwakamira. Zvisinei, rimwe dambudziko guru rinoramba riripo.
Unogona kufarira
Ipo cheni yezviitiko zvakatsanangurwa nechikwata cheTAG yakagadziriswa neSamsung yaDecember browser inogadziridza, imwe link mucheni, iyo inosanganisira yakakomba kuchengetedza kukanganisa muMali (CVE-2022-22706), inoramba isina kunyorwa paSamsung zvishandiso zvine Exynos chipsets uye. Mali GPUs. Uye izvi zvisinei nekuti Mali chip inogadzira ARM Holdings yakatoburitsa gadziriso yeiyi bug muna Ndira wegore rapfuura.
Kusvikira Samsung yagadzirisa nyaya iyi, michina yakawanda Galaxy neExynos, icharamba iri panjodzi yekushungurudzwa kwemutyairi weMali kernel. Saka tinogona kutarisira kuti Samsung ichaburitsa chigamba chakakodzera nekukurumidza (zvinokurudzirwa kuti inogona kunge iri chikamu cheKubvumbi kuchengetedza kuchengetedza).
Saka pandinoona zvinyorwa zviya zvakakopwa kubva kuSammobile uye zvichishandurwa chete, handitombofanire kuuya pano.