Critical security bug in Qualcomm chipsets can let attackers retrieve private encryption keys from QSEE

• The vulnerable Qualcomm chipsets are primarily used in smartphones and tablets.
• Tracked as CVE-2018-11979, the vulnerability impacts how the Qualcomm chips handle data processed inside the QSEE.

A new security bug in Qualcomm chipsets can let attackers retrieve private data and encryption keys from Qualcomm Secure Execution Environment (QSEE). The vulnerable Qualcomm chipsets are primarily used in smartphones and tablets.

What is the flaw - Tracked as CVE-2018-11979, the vulnerability impacts how the Qualcomm chips handle data processed inside the QSEE. The flaw was discovered in March last year by Keegan Ryan, a security researcher with NCC Group.

What is QSEE - The QSEE is a Trusted Execution Environment (TEE), similar to Intel’s SGX. It is a secure area on Qualcomm chipsets where the Android OS and app developers can send data to be processed in a safe and secure environment. The QSEE cannot be accessed by no other app except for the application that has placed the data on the secure area. However, researcher Ryan has found that the QSEE has failed at the primary function it was designed for.

What are the impacts - To exploit the vulnerability, Ryan used a tool named Cachegrab to analyze the Qualcomm memory caches. It helped him to identify small leaks in the ECDSA cryptographic data-signing process implemented on QSEE chips.

"We found two locations in the multiplication algorithm which leak information about the nonce. Both of these locations contain countermeasures against side-channel attacks, but due to the spatial and temporal resolution of our microarchitectural attacks, it is possible to overcome these countermeasures and distinguish a few bits of the nonce,” Ryan said in his research paper.

The researcher conducted a successful test on a Nexus 5X device and had managed to recover a P-526 encryption key from the device’s hardware-backed QSEE keystore.

The vulnerability affects 46 Qualcomm chipsets that include IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205 and SD 410/12.

What is the update - Ryan had notified Qualcomm about the flaw last year and the company has released a security update for the firmware earlier this month.

Android device owners who are using the affected Qualcomm chipsets are advised to update their devices to the latest firmware version.