News

Google: Samsung changes to Android kernel cause security vulnerabilities

By admin
Spread the love

Changes that Samsung has made to the kernel of its operating system for the Galaxy A50 smartphone have led to some security problems, claims Google. Google’s Project Zero team believes it’s better to leave the kernel unchanged.

One of the exploits is possible due to a security measure that Samsung has added to the kernel of its Galaxy A50 smartphone, claims Google Project Zero. “Linux kernel code has a lot of sharp edges. Changes to such a codebase, especially a fork without any control from people upstream keeping the code, can easily cause subtle problems, even if these changes are made for security measures.”

The researcher says it is better to have the code checked by the people who maintain the Linux kernel, or no longer put it in the kernel. “These changes would be better in userspace, where they could be written in more secure programming languages ​​or run in a sandbox. At the same time, that wouldn’t make updates to newer kernel releases more difficult either.”

Google has not previously spoken out against editing the Linux kernel by Android manufacturers. Project Zero found a vulnerability in Samsung’s Process Authenticator kernel feature, and it also turned out to be possible to still exploit an old kernel vulnerability because even a newer update ran an older kernel.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory