Google Patches 11 Critical RCE Android Vulnerabilities
rubyrose last edited by
Google’s December Android Security Bulletin tackles 53 unique flaws.
TheVillageIdiot last edited by
The bulk of the bugs listed as high-severity, 24 of them, were affiliated with Qualcomm. Only limited information was available regarding the Qualcomm bugs.
Yeah, this means the baseband / SIM-card on most/all phones. Since it has direct memory access, it's game-over. And this thing is about as closed-source as it gets. If anyone thinks they've got their phone locked down from state-level actors, bad news, there is no defense against the Qualcomm issue outside of building out your own baseband or removing traditional cellphone capabilities.