Google Project Zero says that Samsung's efforts to tighten security on Galaxy smartphones actually expose them to more security vulnerabilities. According to the researchers, the problem lies mainly in the changes Samsung makes to the Android Linux kernel, which weaken the security of the operating system.
"The Linux kernel code is sometimes rigid, and changes to its base code, especially in a form that is not checked in advance, can easily introduce subtle problems, even when these changes were intended to implement 'security' features," says security researcher Jann Horn. In a long analysis, Google Project Zero details the implications of certain kernel modifications made by certain manufacturers, in particular Samsung.
Initially, the author was interested in a bug leading to memory corruption in the Android kernel of the Galaxy A50 ROM. He also found that a second vulnerability, long since fixed upstream in other versions of Android but not in the Android kernel of Samsung smartphones, helps make the first bug exploitable by attackers. Manufacturers routinely modify the Android kernel to adapt it to their various smartphone models.
The problem is that vendors often modify the kernel directly rather than relying on the Hardware Abstraction Layer (HAL), which confines device-specific changes and so limits the impact of any security flaws they introduce. Paradoxically, the bug leading to memory corruption was the result of an attempt by Samsung to strengthen security. The bug has since been patched, but the question the researcher raises is how, in this context, to reduce the attack surface available to potential attackers.
"I believe that device-specific kernel modifications would be better either moved upstream or into user-space drivers, where they can be implemented in simpler and/or sandboxed programming languages, and at the same time would not complicate updates to newer versions of the kernel," concludes the researcher.
The researcher's analysis and its implications are quite complex, but if you want to go further, we recommend reading Jann Horn's post (in English) on the Project Zero blog.
Source: Google Project Zero