New cold boot attack affects seven years of LG Android smartphones – ZDNet

New cold boot attack affects seven years of LG Android smartphones – ZDNet


LG smartphone
Image: Ilan Dov

South Korean phone manufacturer LG has released a security update last month to fix a vulnerability that impacts its Android smartphones sold over the past seven years.

The vulnerability, tracked under the identifier of CVE-2020-12753, impacts the bootloader component that ships with LG smartphones.

Separate from the Android OS, the bootloader is a piece of firmware specific to each smartphone vendor. It is the first piece of code that runs when a user starts their device, and it ensures that smartphone firmware and the Android OS itself start in a correct and secure manner.

Vulnerability found in the LG bootloader graphics package

In March this year, US software engineer Max Thomas
Source…