News

Actively exploited leak gave apps root access on phones with MediaTek soc

By admin
Spread the love

Details have emerged of a leak in many phones with MediaTek socs that was actively exploited to allow apps to gain root access. The exploit worked on devices from Xiaomi, Huawei, LG, Sony and Oppo, among others.

The finder of the leak has called it MediaTek-su, writes XDA-Developers. The developer, who initially wanted to find a root method for Amazon Fire tablets, found the leak in February last year. Subsequently, MediaTek released a patch in the spring of 2019, but many phones have not yet had that patch and are therefore still vulnerable.

The leak is in ‘almost all’ MediaTek-socs with 64-bit processor cores. Samsung phones seem immune to the exploit due to changes to the kernel, but models from many manufacturers are said to be susceptible, XDA users claim. Among them are the Nokia 3.1 and 5.1, Sony Xperia L3, LG K8+ 2018 and dozens of other models.

Little is known about the leak, which Google only mentions in its Android Security Bulletin, but does not explain further. Trend Micro said in January that Mediatek-su was being used by malicious apps to gain root access. Mediatek-su is also in use for regular users to get root on their phones. It works on all Android versions up to and including Pie. Phones with Android 10 are not susceptible.

You might also like
News

Amazon has just taken the first real step to compete with Starlink: it has launched…

Games

PlayStation has asked that all Gaming Heads merchandise be destroyed. Now your…

News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin