Connect with us

Hi, what are you looking for?


Mobile & Wireless

Google Researchers Find Serious Flaws in Galaxy S6 Edge

Researchers from Google’s Project Zero have identified nearly a dozen high severity vulnerabilities in the Android operating system running on Samsung Galaxy S6 Edge smartphones.

Researchers from Google’s Project Zero have identified nearly a dozen high severity vulnerabilities in the Android operating system running on Samsung Galaxy S6 Edge smartphones.

While Google is the main developer of Android, device manufacturers such as Samsung, LG, HTC and Huawei have been using the Android Open Source Project (AOSP) source code to create their own variations of the mobile operating system.

Project Zero wanted to put the security of an OEM device to the test to see how it compares against Google’s Nexus, for which the Internet giant has started releasing monthly security updates.

“OEMs are an important area for Android security research, as they introduce additional (and possibly vulnerable) code into Android devices at all privilege levels, and they decide the frequency of the security updates that they provide for their devices to carriers,” Project Zero researcher Natalie Silvanovich said in a blog post.

Ten researchers, members of Project Zero and other Google security teams, were tasked with finding vulnerabilities in Samsung’s Galaxy S6 Edge smartphone, which they claim to have chosen because it’s a high-end device with a large number of users.

They specifically looked for three types of issues that can be part of a kernel privilege escalation exploit chain, including gaining remote access to contacts, photos and messages, gaining access to such data from a Google Play application that requires no permissions, and using this access to persistently execute code even after a device wipe.

A total of eleven high severity issues have been identified, the most serious being a path traversal vulnerability (CVE-2015-7888) in the Samsung WifiHs20UtilityService service that can be exploited to write arbitrary files on the system.

The email client installed on Samsung Galaxy S6 Edge devices is also plagued by a serious flaw (CVE-2015-7889), which allows an attacker to forward a user’s emails to a different account via a series of intents from an unprivileged application. Another email client issue (CVE-2015-7893) can be exploited to execute arbitrary JavaScript code embedded in a message.

Advertisement. Scroll to continue reading.

Google researchers also found issues related to drivers (CVE-2015-7890, CVE-2015-7891, CVE-2015-7892), and image parsing (CVE-2015-7894, CVE-2015-7895, CVE-2015-7896, CVE-2015-7897, CVE-2015-7898).

“Overall, we found a substantial number of high-severity issues, though there were some effective security measures on the device which slowed us down. The weak areas seemed to be device drivers and media processing. We found issues very quickly in these areas through fuzzing and code review. It was also surprising that we found the three logic issues that are trivial to exploit. These types of issues are especially concerning, as the time to find, exploit and use the issue is very short,” Silvanovich explained.

The expert pointed out that while SELinux (Security-Enhanced Linux) provides significant protection, some of the bugs they have identified can be exploited to disable this kernel security module.

Project Zero reported the vulnerabilities to Samsung in late July and eight of them were addressed by the vendor with its October maintenance release. The remaining three security bugs will be resolved later this month, but researchers say the unpatched issues have a lower severity.

After the existence of the critical Stagefright vulnerabilities came to light this summer, Samsung, LG and other phone manufacturers announced their plans to release monthly security updates designed to patch Android vulnerabilities. But not all vendors rushed to make such commitments. HTC said it will push for monthly security updates, but the company has deemed monthly update guarantees “unrealistic.”

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.