It is common practice for Android OEMs to modify the Linux kernel that ships on their smartphones. Sometimes this is done to improve security, sometimes to support hardware-specific features. According to Google's Project Zero team, Samsung modified the Android kernel on one of its devices to improve security but, in doing so, ended up exposing the handset to additional bugs.
As Jann Horn of the Project Zero team wrote in a blog post, Samsung added downstream custom drivers for direct hardware access to the Android Linux kernel shipped on the Galaxy A50. The issue is that these drivers were added downstream without being submitted for review by the upstream kernel developers, so they never received the scrutiny that mainline kernel code gets.
“In other words, Samsung’s protection mechanisms won’t provide meaningful protection against malicious attackers trying to hack your phone, they only block straightforward rooting tools that haven’t been customized for Samsung phones. My opinion is that such modifications are not worth the cost,” said Horn in the blog post.
However, Horn added that what Samsung did is neither new nor uncommon: other vendors do the same and, in the process, make their devices more prone to attack. In this case, Samsung's downstream drivers introduced a memory corruption bug that Google reported to the South Korean handset maker in November last year. It is being patched in Samsung's February update for Galaxy phones.
The February patch also fixes a flaw affecting 'TEEGRIS devices'. TEE stands for Trusted Execution Environment; TEEGRIS is Samsung's own TEE operating system, found in newer Galaxy phones. The Galaxy S10 is one such TEEGRIS device.