Pixel 10 Takes a Hit!? A “Holy Grail” Vulnerability Discovered in Tensor G5’s VPU!
📰 News Summary
- Google Project Zero has reported a 0-click exploit chain affecting the Pixel 10 (powered by Tensor G5).
- A critical vulnerability has been found in the newly adopted VPU driver's vpu_mmap handler, which fails to limit the mapping size.
- By exploiting this bug, attackers can gain arbitrary read/write kernel access with just 5 lines of code.
💡 Key Points
- Flaw in the VPU Driver: The driver for the Chips&Media WAVE677DV introduced with the Pixel 10 exposes the hardware interface directly to user space, lacking memory boundary checks.
- Fixed Physical Addresses: The physical addresses of the kernel in Pixel devices are fixed, allowing attackers to bypass ASLR and accurately overwrite kernel areas.
- Quick Fix: Reported in November 2025, this vulnerability was already patched in the February 2026 security update.
🦈 Shark’s Eye (Curator’s Perspective)
This attack method is razor-sharp, folks! The BigWave driver used in the Pixel 9 has been retired, and the newly introduced VPU driver in the Tensor G5 got hit right out of the gate. Particularly alarming is the implementation of vpu_mmap, which calls remap_pfn_range without any bound on the size of the VMA (Virtual Memory Area) being mapped—a "Holy Grail" level oversight that forgets the basics of security!
What’s even scarier is that the kernel image is positioned at a higher physical address than the VPU register area, allowing attackers to simply specify a large mapping size to drag the kernel itself into user space. With a known offset, no scanning is even necessary… This is a developer’s worst nightmare!
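To make the missing bound concrete, here is a constructed userspace model of the check an mmap handler needs before calling remap_pfn_range: an unchecked variant that passes the VMA length through untouched, beside a hardened variant that keeps offset and length inside the register window. This is an added example, not the Pixel 10 driver's code; the struct names, register base and window size are assumed.

```c
/* Constructed userspace model of an mmap handler's size check. Names and
 * values are assumed; this is not the Pixel 10 VPU driver's own code. */
#include <stdbool.h>
#include <stdint.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1ULL << PAGE_SHIFT)

/* Hypothetical device register window exposed to user space. */
struct vpu_region { uint64_t phys_base; uint64_t len; };

/* The VMA fields an mmap handler actually consumes. */
struct vma_model { uint64_t vm_start; uint64_t vm_end; uint64_t vm_pgoff; };

/* Vulnerable pattern: the length comes straight from the VMA and nothing
 * bounds it, so remap_pfn_range() would map whatever lies past the window. */
static bool vpu_mmap_unchecked(const struct vpu_region *r, const struct vma_model *vma,
                               uint64_t *pfn, uint64_t *len)
{
    *len = vma->vm_end - vma->vm_start;
    *pfn = (r->phys_base >> PAGE_SHIFT) + vma->vm_pgoff;
    return true;
}

/* Hardened pattern: offset and length must both stay inside the window. */
static bool vpu_mmap_checked(const struct vpu_region *r, const struct vma_model *vma,
                             uint64_t *pfn, uint64_t *len)
{
    uint64_t size = vma->vm_end - vma->vm_start, off;
    if (size == 0 || (size & (PAGE_SIZE - 1)) != 0)
        return false;                      /* whole pages only */
    if (vma->vm_pgoff > (UINT64_MAX >> PAGE_SHIFT))
        return false;                      /* shift would overflow */
    off = vma->vm_pgoff << PAGE_SHIFT;
    if (off >= r->len || size > r->len - off)
        return false;                      /* reaches past the window */
    *len = size;
    *pfn = (r->phys_base >> PAGE_SHIFT) + vma->vm_pgoff;
    return true;
}

/* Helper: does `size` bytes at page offset `pgoff` fit in a `region_len` window? */
static bool request_fits(uint64_t region_len, uint64_t pgoff, uint64_t size)
{
    struct vpu_region r = { 0x1a000000ULL, region_len };   /* base is constructed */
    struct vma_model v = { 0x1000ULL, 0x1000ULL + size, pgoff };
    uint64_t pfn, len;
    return vpu_mmap_checked(&r, &v, &pfn, &len);
}
```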
🚀 What’s Next?
Following this report, we can expect stricter code audits for Tensor chip-specific drivers. Google immediately classified this bug as "High severity," accelerating efforts to strengthen the security posture of its custom silicon. Users must make sure they have installed the February 2026 security update or a later one!
💬 HaruShark’s Take
To think that just 5 lines could expose the kernel is like a shark’s bite sinking a ship! Always check for the latest updates to keep your defenses strong!
📚 Terminology
- RET PAC: A protection technology for return addresses adopted in the Pixel 10, functioning as a replacement for traditional stack protection (-fstack-protector).
- VPU (Video Processing Unit): A dedicated chip that accelerates tasks like video decoding, integrated within the Tensor G5 in the Pixel 10.
- remap_pfn_range: A function used to map physical memory in the kernel space to virtual memory in user space.