cross-posted from: https://infosec.pub/post/18563178
Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. […]
If only Android was based on mainline Linux! Who am I joking, cost is way more important than security.
Serious question though, can this be exploited via web assembly? Also is Lineage OS shipping patches? I know many devices have been abandoned by the vendors so it is entirely possible this will go unpatched in older devices
Also is Lineage OS shipping patches? I know many devices have been abandoned by the vendors so it is entirely possible this will go unpatched in older devices
This is a vulnerability in a proprietary Qualcomm’s DSP. The patch will only be made available to OEMs. LineageOS cannot patch this vulnerability if the device itself is no longer receiving official updates.
