English
Industry Expert Blogs
|
Backdoor Affects Chinese ARM-based Prototyping Devices, OthersCode Review - Robert VamosiMay. 17, 2016 |
Researchers have found that a Chinese chip manufacturer for low-cost Android tablets, set-top boxes, ARM-based PCs, and other devices has shipped a vulnerable Linux kernel in its latest product.
The operating system 3.4 legacy Linux kernel for H3/A83T/H8 produced by Allwinner, a Chinese system-on-a-chip company, apparently contains a serious vulnerability that can produce local privileges escalation. A backdoor. According to security researchers, the company’s ARM Linux kernel includes code, “rootmydevice”, that gives apps running on the device root.
According to Ambian, a company that makes Linux distros for prototyping and development boards, the vulnerability affects every OS image for H3, A83T or H8 devices that rely on Kernel 3.4. For example Orange Pi, a low-cost prototyping board, currently runs on H3.
Related Blogs
- Digitizing Data Using Optical Character Recognition (OCR)
- Mitigating Side-Channel Attacks In Post Quantum Cryptography (PQC) With Secure-IC Solutions
- ARM vs RISC-V: Beginning of a new era
- Morello Program one year on: A step closer to securing our digital future
- Raspberry Pi Pico 2: Arm-based Development Board Delivers Higher, More Secure Performance for Commercial Applications