Samsung Google Android core kernel

Google is accustomed to seeing smartphone vendors make changes to the Linux kernel in Android. Such changes are, at times, essential for some device-specific drivers to function properly.

However, it was “unnecessary” to make such changes in Samsung Galaxy A50’s Android kernel, writes Google’s Jann Horn in a blog post. Horn is part of Google’s Project Zero (GPZ) team that is responsible for finding bugs and security exploits.

Samsung made those additions in the kernel to mitigate attacks. But these changes ended up creating more security bugs, according to Google.

What did Samsung do to anger Google?

The smartphone manufacturer added downstream custom drivers to create direct hardware access to Android’s Linux kernel. The problem is that Samsung made the changes without putting them up for review by the upstream kernel developers.

In other words, Samsung tried to fix problems on its own. This resulted in new security exploits in the Galaxy devices based on Android 9 and Android 10.

One such memory corruption bug was patched by Samsung in a February security update after Google reported it in November last year.

“I believe that device-specific kernel modifications would be better off either being upstreamed or moved into userspace drivers, where they can be implemented in safer programming languages and/or sandboxed, and at the same time won’t complicate updates to newer kernel releases.”

Horn mentions that such additions to the kernel from a vendor often result in vulnerabilities and compromise security steps taken by Google.