If you look at CVEs in Android a lot of them are tied to proprietary Qualcomm binaries. Its crazy how your GPU driver can be exploited to get root access.
If Qualcomm wasn’t so dependent on their vendor kernel that ships with tons of binary blobs it would be lot more secure.
Maybe I did a bad job of phrasing this?
I’m saying that the bulk of Android security issues come from Qualcomm binaries
might be more accurate?