Teacher
Professional
A bug in the Pixel 8 allows an attacker to take control of the device.
The GrapheneOS project team, which develops a hardened version of the Android Open Source Project (AOSP), has discovered a problem in the Android 14 Bluetooth stack that can lead to remote code execution.
A Use-After-Free (UAF) vulnerability is triggered when audio is transmitted over Bluetooth LE. The flaw was detected with the hardened_malloc allocator, which adds protection based on ARMv8.5 MTE (Memory Tagging Extension); MTE makes it possible to detect and block pointer misuse involving freed memory blocks, buffer overflows, and similar memory-safety problems.
The vulnerability appeared after the Android 14 QPR2 update in early March and affects all smartphones that do not have MTE enabled; GrapheneOS had already enabled the feature to harden its builds. On firmware with MTE protection enabled, the bug showed up as crashes when using Samsung Galaxy Buds2 Pro Bluetooth headphones.
The vulnerability has been fixed in the latest GrapheneOS update, 2024030900, and affects only builds that do not use MTE (MTE is currently available only on the Google Pixel 8 and Pixel 8 Pro). On Pixel 8 devices running the latest Android 14 QPR2 update the problem was reproducible, but it can be prevented by enabling MTE in the developer settings, at the cost of roughly 3% more memory use and no measurable loss of performance.
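The post says MTE turned the Bluetooth UAF into a crash on the Pixel 8 while leaving builds without MTE exploitable. The following is an added example, not code from GrapheneOS, hardened_malloc or Android: a small software model of memory tagging that shows why a use-after-free (and, as a second scenario, a one-byte overflow into a neighbouring allocation) becomes a deterministic fault when tags are checked and a silent write when they are not. Real MTE keeps a 4-bit tag per 16-byte granule and checks it in hardware on every load and store; here the check is an explicit function on a tagged arena, the allocator is a bump allocator, and all names (tagged_alloc, tagged_free, tagged_store, demo_*) and the arena layout are hypothetical.

```c
/* Added example (not GrapheneOS/hardened_malloc/Android code): a software model
 * of ARMv8.5 MTE tag checking. A "pointer" is an arena offset with a 4-bit tag
 * in bits 56..59; each 16-byte granule stores the tag of its live allocation.
 * All names and the arena layout are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GRANULE        16            /* MTE tag granule size in bytes */
#define ARENA_GRANULES 64
#define TAG_SHIFT      56            /* logical tag kept in bits 56..59 */
#define TAG_BITS       0xFULL

typedef uint64_t tptr;               /* arena offset | tag << 56 */
enum access { ACCESS_OK = 0, TAG_FAULT = 1, OUT_OF_ARENA = 2 };

static uint8_t arena[ARENA_GRANULES * GRANULE];
static uint8_t mem_tag[ARENA_GRANULES];  /* tag stored per granule */
static size_t  span[ARENA_GRANULES];     /* granule count at an allocation's first granule */
static size_t  bump;                     /* next unused granule (no reuse; keeps the model small) */
static uint8_t next_tag = 1;
static int     mte_enabled = 1;          /* 0 models a build without MTE */

static uint64_t offset_of(tptr p) { return p & ~(TAG_BITS << TAG_SHIFT); }
static uint8_t  tag_of(tptr p)    { return (uint8_t)((p >> TAG_SHIFT) & TAG_BITS); }

/* Non-zero tag that differs from `avoid` (the left neighbour's or the old tag). */
static uint8_t fresh_tag(uint8_t avoid) {
    uint8_t t;
    do { t = next_tag; next_tag = (uint8_t)(next_tag % 15 + 1); } while (t == avoid);
    return t;
}

void tagged_reset(void) {
    memset(arena, 0, sizeof arena); memset(mem_tag, 0, sizeof mem_tag);
    memset(span, 0, sizeof span); bump = 0; next_tag = 1;
}

/* The tag check: every byte touched must lie in a granule whose stored tag
 * equals the pointer's tag. Without MTE only the arena bounds check remains. */
static enum access check(tptr p, uint64_t len) {
    uint64_t off = offset_of(p);
    if (len == 0 || off + len > sizeof arena) return OUT_OF_ARENA;
    if (!mte_enabled) return ACCESS_OK;
    for (uint64_t g = off / GRANULE; g <= (off + len - 1) / GRANULE; g++)
        if (mem_tag[g] != tag_of(p)) return TAG_FAULT;
    return ACCESS_OK;
}

tptr tagged_alloc(size_t size) {
    size_t n = (size + GRANULE - 1) / GRANULE;
    if (n == 0 || bump + n > ARENA_GRANULES) return 0;
    uint8_t t = fresh_tag(bump ? mem_tag[bump - 1] : 0);  /* never equal to the neighbour */
    for (size_t g = 0; g < n; g++) mem_tag[bump + g] = t;
    span[bump] = n;
    tptr p = (uint64_t)(bump * GRANULE) | ((uint64_t)t << TAG_SHIFT);
    bump += n;
    return p;
}

/* Free retags the granules, so a pointer still carrying the old tag
 * (dangling pointer, second free) fails its next check. */
enum access tagged_free(tptr p) {
    enum access a = check(p, GRANULE);
    if (a != ACCESS_OK) return a;
    size_t first = offset_of(p) / GRANULE, n = span[first];
    uint8_t t = fresh_tag(tag_of(p));
    for (size_t g = 0; g < n; g++) mem_tag[first + g] = t;
    return ACCESS_OK;
}

/* Arithmetic on a tptr keeps the tag, as it does on real AArch64 pointers. */
enum access tagged_store(tptr p, uint64_t idx, uint8_t v) {
    enum access a = check(p + idx, 1);
    if (a == ACCESS_OK) arena[offset_of(p) + idx] = v;
    return a;
}

/* Scenario 1, the bug class in the post: a buffer (say one LE audio frame) is
 * freed while a stale pointer is still written through. */
enum access demo_use_after_free(int with_mte) {
    tagged_reset(); mte_enabled = with_mte;
    tptr frame = tagged_alloc(48);
    tagged_store(frame, 0, 0xAA);
    tagged_free(frame);
    return tagged_store(frame, 0, 0xBB);  /* TAG_FAULT with MTE, ACCESS_OK without */
}

/* Scenario 2: a one-byte linear overflow into the neighbouring allocation. */
enum access demo_overflow(int with_mte) {
    tagged_reset(); mte_enabled = with_mte;
    tptr a = tagged_alloc(16), b = tagged_alloc(16);
    (void)b;
    return tagged_store(a, 16, 0xCC);     /* lands in b's granule */
}

/* Control: in-bounds use of a live allocation never faults. */
enum access demo_valid_access(void) {
    tagged_reset(); mte_enabled = 1;
    tptr buf = tagged_alloc(48);
    if (tagged_store(buf, 0, 1) != ACCESS_OK) return TAG_FAULT;
    return tagged_store(buf, 47, 1);
}

int main(void) {
    printf("UAF:      MTE on -> %d, MTE off -> %d\n", demo_use_after_free(1), demo_use_after_free(0));
    printf("overflow: MTE on -> %d, MTE off -> %d\n", demo_overflow(1), demo_overflow(0));
    return 0;
}
```

The two runs of each scenario mirror the situation in the post: with tagging on, the stale write hits a granule whose tag no longer matches and faults immediately (on real hardware this is the crash GrapheneOS saw with the Galaxy Buds2 Pro), while with tagging off the same write succeeds silently and leaves the freed memory corrupted for an attacker to build on. Real MTE uses random tags and hardware checks, and a production allocator also has to handle reuse of freed memory; this model deliberately leaves both out.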