Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs


Level 72
Content Creator
Malware Hunter
Aug 17, 2014
Several security vulnerabilities found in Qualcomm's Snapdragon chip Digital Signal Processor (DSP) chip could allow attackers to take control of more than 40% of all smartphones without user interaction, spy on their users, and create un-removable malware capable of evading detection.

DSPs are system-on-chip units are used for audio signal and digital image processing, and telecommunications, in consumer electronics including TVs and mobile devices.

Despite their complexity and the number of new features and capabilities DSP chips can add to any device, unfortunately, they also introduce new weak points and expand the devices' attack surface.

The vulnerable DSP chip "can be found in nearly every Android phone on the planet, including high-end phones from Google, Samsung, LG, Xiaomi, OnePlus, and more," according to Check Point researchers who found these vulnerabilities.

Apple's iPhone smartphone line is not affected by the security issues discovered and disclosed by Check Point in their report.

Check Point disclosed their findings to Qualcomm, who acknowledged them, notified device vendors, and assigned them with the following six CVEs: CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208, and CVE-2020-11209.
Update: Added Qualcomm statement:

It is now up to the vendors, such as Google, Samsung, and Xiaomi, to integrate those patches into their entire phone lines, both in manufacturing and in the market. Our estimations are that it will take a while for all the vendors to integrate the patches into all their phones. Hence, we do not feel publishing the technical details with everyone is the responsible thing to do given the high risk of this falling into the wrong hands. For now, consumers must wait for the relevant vendors to also implement fixes.


Level 37
Jan 9, 2020
GrapheneOS will remove the whole DSP part:

Pixels have a dedicated SELinux domain for Google Camera extending the standard untrusted app domain with access to the Hexagon DSP (qdsp_device label) and Pixel Neural Core (airbrush_device). Neural Core is a TPU + IPU combo developed in some kind of collaboration with Samsung.

In AOSP or the stock OS on Pixels, apps only have indirect access to QDSP or the Neural Core is via the high-level NN API