Qualcomm Offers $15K Reward for Security Bugs


Qualcomm was left red-faced back in August at the DEF CON hacking conference when four vulnerabilities in the company's chipsets, collectively named "Quadrooter," were revealed. They allow complete access to any gadget running the vulnerable chips, which turns out to be around 900 million Android devices.

Qualcomm wants to avoid exploits of this scale ever happening in its products again, and so the company is launching a bug bounty program. In return for discovering and reporting security bugs, Qualcomm is offering up to $15,000 per bug as a reward.

The bug bounty program was created in collaboration with HackerOne, which touts itself as "the first vulnerability coordination and bug bounty platform." HackerOne was formed by security professionals from Facebook, Microsoft, and Google.

Qualcomm is running a closed program where it invites security researchers to take part. Initially, researchers who have already contributed to the security of Qualcomm's products will be able to sign up, but more researchers will regularly be invited to join.

A list of the chipset families Qualcomm wants security researchers to review is available. It includes the following products:

  • Snapdragon 400
  • Snapdragon 615
  • Snapdragon 801
  • Snapdragon 805
  • Snapdragon 808
  • Snapdragon 810
  • Snapdragon 820
  • Snapdragon 821
  • Snapdragon X5 Modem
  • Snapdragon X7 Modem
  • Snapdragon X12 Modem
  • Snapdragon X16 Modem

Rewards are offered for finding vulnerabilities in the following areas:

  • "Android for MSM" part of the Linux kernel
  • Privileged user space programs (running as root or system)
  • Bootloader
  • Cellular modem
  • WLAN or Bluetooth firmware
  • Qualcomm Secure Execution Environment (QSEE) on TrustZone

The rewards range from under $1,000 right up to the $15,000 maximum. To be eligible for $15K, Qualcomm needs to see a critical cellular modem vulnerability. A full list of payouts for the different types of vulnerability can be seen on the Qualcomm HackerOne bug bounty program page.
