OnQ Blog

Enter the Snapdragon

Jan 12, 2015

Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries.

This is the latest in a series of product-security related posts from Qualcomm Technologies’ Corporate Product Security team.

The principal goal of Android security is the secure containment of application privileges, and the foundation of this isolation is the security of the kernel. In the early days of Android, kernel vulnerability research generally meant porting upstream issues to Android. However, in recent years we have seen an increased interest from researchers in the platform-specific attack surface of the Android kernel.

Qualcomm Technologies, thanks to our Qualcomm® Snapdragon™ processors at the heart of many Android devices, are at the center of researchers’ interest. Therefore, in cooperation with the Qualcomm Innovation Center, we have increased our focus on Android kernel security. Among other things, our work includes code reviews, vulnerability finding automation, attack surface hardening and improving the various phases of incident response. Some of this work has already been visible to the public through the introduction of Security Advisories and a Hall of Fame via the Code Aurora Forum.

In a recent presentation at the Hacktivity security conference, I described in detail our work in this area. The presentation provides insight into the scope of the platform-specific attack surface, presents tools we have developed for rapid exploit reverse engineering and automated vulnerability finding, and describes kernel hardening countermeasures that we have introduced.

The Hacktivity 2014 slides and videos can be found here.

Engage with us on


Opinions expressed in the content posted here are the personal opinions of the original authors, and do not necessarily reflect those of Qualcomm Incorporated or its subsidiaries ("Qualcomm"). Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Qualcomm or any other party. This site may also provide links or references to non-Qualcomm sites and resources. Qualcomm makes no representations, warranties, or other commitments whatsoever about any non-Qualcomm sites or third-party resources that may be referenced, accessible from, or linked to this site.

Daniel Komaromy

Staff Engineer

©2022 Qualcomm Technologies, Inc. and/or its affiliated companies.

References to "Qualcomm" may mean Qualcomm Incorporated, or subsidiaries or business units within the Qualcomm corporate structure, as applicable.

Qualcomm Incorporated includes Qualcomm's licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm's engineering, research and development functions, and substantially all of its products and services businesses. Qualcomm products referenced on this page are products of Qualcomm Technologies, Inc. and/or its subsidiaries.

Materials that are as of a specific date, including but not limited to press releases, presentations, blog posts and webcasts, may have been superseded by subsequent events or disclosures.

Nothing in these materials is an offer to sell any of the components or devices referenced herein.