Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks. The vulnerabilities came to light during research carried out by a team of nine computer scientists from the University of California, Santa Barbara. Researchers presented their work earlier this month at the USENIX conference in Vancouver, Canada. They also found a vulnerability in the NVIDIA chipset, and five in HiSilicon bootloaders.
Source: https://www.bleepingcomputer.com/news/security/vulnerabilities-discovered-in-mobile-bootloaders-of-major-vendors/