Best buy guide: Galaxy Watch 6 or Galaxy S24+. Woo-hoo join SamMobile on WhatsApp or Telegram!

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

Notifications
    News for you

    Google slams Samsung for making unnecessary changes to Linux kernel code

    Phone
    By 

    Last updated: February 14th, 2020 at 08:08 UTC+01:00

    We all know that Samsung makes an extra effort in strengthening the security of its smartphones with initiatives such as Knox. However, sometimes those extra efforts hurt more than they help. Now, Google has slammed the South Korean smartphone brand for making unnecessary changes to the Linux kernel code and exposing it to more security bugs.

    According to Google Project Zero researcher Jann Horn, Samsung is creating more vulnerabilities by adding downstream custom drivers for direct hardware access to Android's Linux kernel. These changes are implemented without being reviewed by upstream kernel developers. Horn found a similar mistake in the Android kernel of the Galaxy A50, and the unreviewed custom driver added security bugs related to memory corruption.

    The bug affected the company's PROCA (Process Authenticator) security subsystem. Samsung describes the bug as a moderate issue on its security website. It allows “possible arbitrary code execution” on some Galaxy smartphones running Android 9.0 and Android 10 operating systems. Google reported the bug to Samsung in November 2019, and the South Korean firm released a patch for the bug earlier this month.

    The blogpost by Google Project Zero researcher is focussed on efforts in Android to reduce the security impact of brands adding unique code to the Linux kernel. Google is trying to lock down processes that have access to device drivers, but changes to the kernel made by brands like Samsung undermine those efforts.

    It was suggested that smartphone makers utilize direct hardware access features that are already present in Linux rather than making changes to the kernel code. For example, PROCA is meant to stop an attacker who has already gained read and write access to the kernel, but Samsung could spend the engineering hours on preventing the attacker from getting that access in the first place.

    He says that some of the custom features that Samsung and other OEMs add to the Linux kernel on their devices are “unnecessary” and they wouldn't affect the devices even if they were removed.

     
    Follow SamMobile on Telegram now!
     
    Source Phone Galaxy A50

    You might also like

    Galaxy S10 and Galaxy A50 will no longer get software updates

    Galaxy S10 and Galaxy A50 will no longer get software updates

    Four years after the launch of the Galaxy A50 and the Galaxy S10 series, Samsung has decided to discontinue software update support for them. This sad news was first spotted by our friends at GalaxyClub earlier today when Samsung released the details surrounding the April 2023 security patch. Samsung has stopped releasing software updates to […]

    • By Asif Iqbal Shaik
    • 1 year ago
    Samsung pushes January 2023 security update to Galaxy A50

    Samsung pushes January 2023 security update to Galaxy A50

    The Galaxy A50 is eligible for quarterly security updates, and today, Samsung is rolling out this quarter’s security update to the phone. The latest update brings the January 2023 security patch, and it is currently rolling out to the phone’s variant that’s sold in Latin America (SM-A505G). The new firmware comes with version A505GUBS9CWA2 and […]

    • By Asif Iqbal Shaik
    • 1 year ago
    Galaxy A50 gets the October 2022 security update around the world

    Galaxy A50 gets the October 2022 security update around the world

    Although the Galaxy A50 got demoted from monthly security updates in April 2022, it's now time for this 2019 mid-range phone to have its security level upgraded again. Samsung is rolling out the October 2022 security patch for the Galaxy A50, and as of now, the update is available in multiple regions. The October 2022 […]

    • By Mihai Matei
    • 1 year ago
    Galaxy S10 and A50 users, say bye bye to monthly security updates

    Galaxy S10 and A50 users, say bye bye to monthly security updates

    Samsung has demoted the long-lasting Galaxy S10 series from monthly security updates to quarterly releases. From now on, the Galaxy S10e, Galaxy S10, and Galaxy S10+ will receive new security patches every three months instead of every month. The same is true for the mid-range Galaxy A50. The Galaxy S10 lineup was released in March […]

    • By Mihai Matei
    • 2 years ago
    Galaxy A53 vs Galaxy A50: Get ready to open your wallet

    Galaxy A53 vs Galaxy A50: Get ready to open your wallet

    The Galaxy A53, which was unveiled earlier today, is the successor to last year's Galaxy A52. But not all Galaxy A52 owners would be interested in upgrading to the new device. If you're currently using the Galaxy A50 or the Galaxy A51, the Galaxy A53 would be an excellent upgrade for your smartphone. Let's find […]

    • By Asif Iqbal Shaik
    • 2 years ago
    Carrier-locked Galaxy A50 gets December 2021 security update in the US

    Carrier-locked Galaxy A50 gets December 2021 security update in the US

    Two weeks ago, Samsung started rolling out the December 2021 security update to the Galaxy A50. Over the next few days, the update reached more markets worldwide. Now, the carrier-locked variant of the smartphone has started getting the latest security patch in the US. The latest software update for the US carrier-locked variant of the […]

    • By Asif Iqbal Shaik
    • 2 years ago

    Reviews

    Samsung Galaxy A35 review: The reasonable choice

    • 1 week ago

    Samsung Galaxy A55 review: A long-awaited return to form!

    • 3 weeks ago

    Samsung Galaxy S24 review: The best compact flagship phone

    • 2 months ago
    More reviews

    Best picks

    Best Samsung Phones in February 2024 – Picked by experts

    • 2 months ago

    Best Samsung Earbuds in 2024

    • 3 months ago

    Best Samsung Watch in 2024

    • 3 months ago

    Best cheap Android phones 2024 by Samsung

    • 3 months ago

    Best Samsung Galaxy Tablets in January 2024

    • 3 months ago

    Devices

    More Devices

    Opinions

    Samsung’s product naming has a grammar problem

    • 2 days ago

    SolarCell remote is great but costs premium TV buyers a metal finish

    • 4 days ago

    One UI 6.1 highlighted one big problem Samsung’s still dealing with

    • 5 days ago
    More opinions

    Notebook

    Galaxy Book 4 Edge with Snapdragon X Elite could be faster than M3 MacBook Air

    • 4 days ago

    More affordable version of Snapdragon X Elite could be in the works

    • 5 days ago

    Samsung launches iMac-like All-In-One Pro PC with 4K screen, Intel Core Ultra processor

    • 5 days ago
    More notebooks

    TV

    Samsung launches 2024 lineup of Crystal 4K TVs in India

    • 1 day ago

    Samsung’s product naming has a grammar problem

    • 2 days ago

    SolarCell remote is great but costs premium TV buyers a metal finish

    • 4 days ago
    More TV

    Social media

    • Home
    • News
    • Google slams Samsung for making unnecessary changes to Linux kernel code