Google researchers found nearly a dozen flaws in Qualcomm’s popular software for mobile GPUs


Demand for graphics processing units, or GPUs, has skyrocketed in recent years as video playback and artificial intelligence systems have expanded the need for processing power. And while most of the visible shortages (and soaring stock prices) relate to top-of-the-line PC and server chips, mobile graphics processors are the version that everyone with a smartphone uses on a daily basis. So vulnerabilities in these chips or how they’re implemented can have real-world consequences. That’s exactly why Google’s Android vulnerability-hunting red team set its sights on chip giant Qualcomm’s open-source software that’s widely used to implement mobile GPUs.

At the Defcon security conference in Las Vegas on Friday, three Google researchers presented more than nine vulnerabilities (now patched) that they discovered in Qualcomm’s Adreno GPU driver, a software suite used to coordinate between GPUs and an operating system like Android on Qualcomm-powered phones. These “drivers” are crucial to the design of any computer and have deep privileges in the kernel of an operating system to coordinate hardware peripherals and software. Attackers could exploit the flaws the researchers found to take full control of a device.

For years, engineers and attackers alike have primarily focused on potential vulnerabilities in a computer’s central processing unit (CPU), while optimizing GPUs for efficiency and leaning on them for raw processing power. But as GPUs become more central to everything a device does all the time, hackers on both ends of the spectrum are looking at how GPU infrastructure could be exploited.

“We are a small team compared to the larger Android ecosystem; the scope is too large for us to cover everything, so we need to determine what will have the biggest impact,” said Xuan Xing, director of Google’s Android Red Team. “So why are we focusing on a GPU driver for this case? It’s because no permission is required for untrusted apps to access GPU drivers. This is very important and I believe it will attract the attention of many attackers.”

Xing is referring to the fact that apps on Android phones can communicate directly with the Adreno GPU driver without “any sandboxing or additional permission checks,” as he puts it. This in itself doesn’t give apps the ability to act in an unauthorized manner, but it does make GPU drivers a bridge between the regular parts of the operating system (where data and access are carefully controlled) and the system core, which has full control over the entire device, including its memory. “GPU drivers have all kinds of powerful features,” Xing says. “That memory mapping is a powerful primitive that attackers want to have.”

The researchers say the vulnerabilities they discovered are all flaws that arise from the complexities and complicated interconnections that GPU drivers must navigate to coordinate everything. To exploit the flaws, attackers would first have to establish access to a target device, perhaps by tricking victims into downloading malicious apps.

“There are a lot of moving parts and no access restrictions, so GPU drivers are easily accessible to virtually any app,” says Eugene Rodionov, technical lead of the Android Red Team. “What really makes things problematic here is the complexity of the implementation, which is one element that explains a number of vulnerabilities.”

Qualcomm released patches for the flaws to “original equipment manufacturers” (OEMs) that use Qualcomm chips and software in the Android phones they make. “With regard to the GPU issues disclosed by the Android Security Red Team, patches were made available to OEMs in May 2024,” a Qualcomm spokesperson told WIRED. “We encourage end users to apply security updates from device manufacturers as they become available.”

The Android ecosystem is complex, with patches having to be passed from a vendor like Qualcomm to OEMs and then packaged by each device maker and delivered to users’ phones. This trickle-down process sometimes means devices can be left exposed, but Google has spent years investing to improve these channels and streamline communication.

Still, the findings are another reminder that GPUs themselves and the software that supports them have the potential to become a critical battleground in computer security.

As Rodionov says, “the combination of high implementation complexity with wide accessibility makes it a very interesting target for attackers.”
