Google finds 11 vulnerabilities in the Samsung Galaxy S6 Edge; eight fixed

When Google researchers tried looking for vulnerabilities in the Android OS running on Samsung’s latest Galaxy S6 Edge , they found not less than 11 bugs. Google’s Project Zero looks into vulnerabilities of the device made by OEMs using the Android Open-Source Project (AOSP). “Having done some previous research on Google-made Nexus devices running AOSP, we wanted to see how different attacking an OEM device would be. In particular, we wanted to see how difficult finding bugs would be, what type of bugs we would find and whether mitigations in AOSP would make finding or exploiting bugs more difficult,” Google writes in the Project Zero blog. The most serious issue was Samsung’s WifiHs20UtilityService path traversal, a service that scans zip file in SDcard, downloads and also unzips it. The bug exploits the API used to unzip and does not verify the path, causing it to be written in any unidentified location. A script injection issue in the Samsung email client makes JavaScript vulnerabilities in the Android WebView reachable remotely via email and could increase surface attack on email client. Then, the project Zero team also found three driver issues, which can be used by bugs in media processing. “We found three bugs that would allow an exploit to disable SELinux, so it’s not an effective mitigation against every bug,” the blog states. Overall, the team found sufficient number of high-severity issues. The issues have been reported to Samsung and the company has already responded stating about eight issues have been fixed in the October Maintenance Release.