Google to Samsung: Stop messing with Linux kernel code. It’s hurting Android security
Samsung’s attempt to prevent attacks on Galaxy phones by modifying kernel code ended up exposing them to more security bugs, according to Google Project Zero (GPZ). Smartphone makers like Samsung are creating more vulnerabilities by adding downstream custom drivers for direct hardware access to Android’s Linux kernel, and vendors would be better off using security features that already exist in the Linux kernel, according to GPZ researcher Jann Horn. It was this type of mistake that Horn found in the Android kernel on the Samsung Galaxy A50.
But as he notes, what Samsung did is pretty common among all smartphone vendors: adding code to the Linux kernel downstream that upstream kernel developers haven’t reviewed. Even when these downstream customizations are meant to add security to a device, they also introduce security bugs.
Samsung’s intended kernel security mitigations introduced a memory corruption bug that Google reported to Samsung in November.