Google Project Zero says that some of Samsung’s efforts to tighten security on Galaxy smartphones actually expose them to more vulnerabilities. According to the researchers, the problem lies mainly in vendor changes to Android’s Linux kernel, which undermine the security of the operating system.
“The Linux kernel code is quite fragile, and changes to its base code, especially in a way that is not reviewed in advance, can easily introduce subtle problems, even when these changes were intended to implement ‘security’ features,” says security researcher Jann Horn. In a lengthy analysis, Google Project Zero details the implications of kernel modifications made by certain manufacturers, notably Samsung.
Initially, the author looked at a bug causing memory corruption in the Android kernel of the Galaxy A50’s ROM. He also found that a second vulnerability, long since fixed in other upstream Android kernels but not in the kernel shipped on Samsung smartphones, helps make the first bug exploitable by attackers. Manufacturers routinely modify the Android kernel to adapt it to their various smartphone models.
The problem is that vendors often modify the kernel directly rather than confining device-specific changes to the Hardware Abstraction Layer (HAL), which limits the impact of any security flaw those changes introduce. Paradoxically, the bug leading to memory corruption resulted from an attempt by Samsung to strengthen security. It has since been patched, but the question the researcher raises is how, in this context, to reduce the attack surface available to potential attackers.
“I believe that device-specific kernel modifications would be better off either moved upstream or into user-space drivers, where they can be implemented in safer and/or sandboxed programming languages, and where at the same time they will not complicate updates to newer kernel versions,” the researcher concludes.
The researcher’s analysis and its implications are fairly complex; readers who want to go further should read Jann Horn’s post (in English) on the Project Zero blog.
Source: Google Project Zero