Security News > 2020 > February > Google: Protections Added by Samsung to Android Kernel Increase Attack Surface

Google: Protections Added by Samsung to Android Kernel Increase Attack Surface
2020-02-13 16:20

A Google Project Zero researcher claims that some of the security features added by Samsung to the Android kernel don't provide meaningful protection and they actually increase the attack surface.

Project Zero researcher Jann Horn has analyzed the Android kernel shipped by Samsung with its Galaxy A50 phones and found that some security features added by the tech giant actually make security worse.

Samsung's kernel includes a protection feature designed to prevent attackers from reading or modifying user data.

Exploitation also involves another vulnerability - an information disclosure flaw in the Linux kernel tracked as CVE-2018-17972 - that had been patched in the Linux kernel and the Android common kernel, but not in the Android kernel shipped by Samsung to its phones.

Horn says he has not analyzed the kernel in other Samsung phones besides the A50, but he noted that vendor-specific modifications made to core kernel functionality in general can introduce vulnerabilities and make it more difficult to "Lock down the attack surface."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/foT1wvmxGpY/google-protections-added-samsung-android-kernel-increase-attack-surface

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-10-03 CVE-2018-17972 Race Condition vulnerability in multiple products
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11.
local
low complexity
linux canonical redhat debian CWE-362
5.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Samsung 1618 128 356 397 74 955
Kernel 3 0 7 4 1 12