Security News > 2020 > February > Google: Protections Added by Samsung to Android Kernel Increase Attack Surface
A Google Project Zero researcher claims that some of the security features added by Samsung to the Android kernel don't provide meaningful protection and they actually increase the attack surface.
Project Zero researcher Jann Horn has analyzed the Android kernel shipped by Samsung with its Galaxy A50 phones and found that some security features added by the tech giant actually make security worse.
Samsung's kernel includes a protection feature designed to prevent attackers from reading or modifying user data.
Exploitation also involves another vulnerability - an information disclosure flaw in the Linux kernel tracked as CVE-2018-17972 - that had been patched in the Linux kernel and the Android common kernel, but not in the Android kernel shipped by Samsung to its phones.
Horn says he has not analyzed the kernel in other Samsung phones besides the A50, but he noted that vendor-specific modifications made to core kernel functionality in general can introduce vulnerabilities and make it more difficult to "Lock down the attack surface."
News URL
Related news
- Microsoft warns of "Dirty Stream" attack impacting Android apps (source)
- Bug hunters can get up to $450,000 for an RCE in Google’s Android apps (source)
- Finland warns of Android malware attacks breaching bank accounts (source)
- Google fixes fifth Chrome zero-day exploited in attacks this year (source)
- Malicious Android Apps Pose as Google, Instagram, WhatsApp, to Steal Credentials (source)
- Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android (source)
- Google Launches AI-Powered Theft and Data Protection Features for Android Devices (source)
- Android 15, Google Play get new anti-malware and anti-fraud features (source)
- Android 15, Google Play Protect get new anti-malware and anti-fraud features (source)
- Over 90 malicious Android apps with 5.5M installs found on Google Play (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |