OnePlus Oxygen OS 5.1.7 update to fix bootloader vulnerability

A few days ago, a vulnerability has been discovered by Edge Security President Jason Donenfed on the OnePlus 6 that allows attackers to bypass bootloader protection measures and boot a modified firmware image. This vulnerability could potentially help attackers to gain total control over device but it requires a physical access to the device. OnePlus have this issue since a software update to patch loophole. Last year, it was found in OnePlus devices during an diagnostic test  that had offered a backdoor to gain root access without unlocking the bootloader.


Also Read:


Issue:

Just as in case of the EngineerMode app, the attacker needs a tethered connection to a PC to push the modified image to OnePlus, reports XDADevelopers. There is, however, no need to enable USB Debugging mode to exploit the flaw. This means that the attacker just needs to connect the OnePlus 6 to a PC in a default mode to boot arbitrary image.

Fix:

Now OnePlus has started to push the incremental roll-out of OxygenOS 5.1.7 for the OnePlus 6. This update from OnePlus 6 have following Change log:

  • Fixed schedule setting issue for Do Not Disturb(DND) mode
  • Updated bootloader for system security enhancement
  • General bug fixes and improvements

But they have reported by many users from India that they had experienced stability issues with Oxygen OS 5.1.6 update. Due to that issue OnePlus had Paused the rollout of this OTA. They said that the 5.1.7 update will not be released for India region, as They are still working on a fix based on the logs they have received from users who have reported these issues. They will be releasing 5.1.8 update next week which will include the fix & also contain all the features include in the 5.1.7 update.


Also Read:


That’s all guys for this post… Stick with us to get up-to-date with Tech news and tricks.

Hope to see you in my next post. Till then Good Bye!!!

Leave a Reply