Technology News
  • Home
  • Mobiles
  • Mobiles News
  • Samsung Smartphones Since 2014 Affected by Critical Zero Click Bug That Allows Remote Code Execution

Samsung Smartphones Since 2014 Affected by Critical Zero-Click Bug That Allows Remote Code Execution

The Samsung zero-click vulnerability resides in how the company's Android system interacts with the custom Qmage format.

By Abhik Sengupta | Updated: 7 May 2020 16:05 IST
Samsung Smartphones Since 2014 Affected by Critical Zero-Click Bug That Allows Remote Code Execution

Samsung phones recently started receiving May security patch

Highlights
  • Samsung listed the vulnerability as "critical"
  • The vulnerability can reveal call logs, contacts, and more
  • It is uncertain whether the fix will be rolled out to all Samsung devices
Advertisement

Samsung started rolling out the May 2020 Security Patch last week. The security patch fixes a "critical" remote code execution (RCE) bug plaguing all Samsung mobiles sold since 2014. The security flaw resides in Samsung devices' handling of the custom Qmage image format (.qmg) that is processed by Android's graphics library called Skia. This security flaw can be exploited in a zero-click scenario, which means that it can work without users' knowledge or without any kind of interaction with the device. Meanwhile, Samsung has acknowledged the security issue and its May security update contains the fix. It is uncertain whether the fix will be rolled out to all affected devices however, and we've reached out to the company for clarity on eligible devices.

What is the security flaw?

The security flaw resides with how Samsung devices interact with the Qmage image format was pointed by Mateusz Jurczyk, a security researcher with Google's Project Zero bug-hunting team and was first reported by ZDNet. According to Jurczyk, once a Samsung user receives an image file via Samsung Messages app, Android redirects all images to the Skia library for processing. However, the image files with .qmg format can be exploited as it can reveal the position of the Skia library in the phone's memory. The research further states that it requires up to 300 MMS messages to probe and bypass Android's Address Space Layout Randomisation (ASLR) protection. The whole process of locating the Skia library typically takes around 100 minutes.

What happens after the Skia library is located?

As per Jurczyk, once the Skia library is traced via the Qmage file (in this case through files received on Samsung Messages app), the hacker can execute codes without user's interaction with the device. As for what the hacker gains here, Jurczyk indicates that the attacker gains full access to a variety of personal user information including call logs, contacts, microphone, storage, SMS messages, etc.

"After reporting the crashes, I spent several weeks working on a 0-click MMS exploit proof-of-concept for one of the vulnerabilities. I managed to achieve this goal with a Samsung Galaxy Note 10+ phone running Android 10." The process of locating the Skia library on the Samsung device was also demonstrated in a video by the security researcher.

Samsung smartphones started supporting the custom Qmage format on all devices released since late 2014. Samsung is said to be the only manufacturer affected by the bug, as it is reportedly the only one that modified the Android OS on its devices to support the Qmage format, developed by South Korean firm Quramsoft.

What is Samsung saying?

Although Samsung has not released any statement about the Qmage security flaw, the company is, however, rolling out updates to fix the problem. Recently, Samsung Galaxy S20 Series received the May 2020 security patch that fixes the zero-click vulnerability dubbed as SVE-2020-16747. The bug can be found on the Samsung security bulletin that has listed it as a "critical" issue. It describes it as "A possible memory overwrite vulnerability in Quram qmg library allows possible remote arbitrary code execution." As mentioned, it is uncertain which devices will receive fix, and we've reached out for clarity on this front.

Is Mi 10 an expensive OnePlus 8 or a budget budget S20 Ultra? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Samsung, Skia library, Skia, zero click vulnerability, RCE, Qmage, Project Zero
Vivo Y30 With Quad Rear Cameras, MediaTek Helio P35 SoC Launched: Price, Specifications
Lyft Sees Rider Demand Improving After Coronavirus Bottom, 'On Path to Profitability'

Related Stories

Samsung Smartphones Since 2014 Affected by Critical Zero-Click Bug That Allows Remote Code Execution
Comment
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi

Advertisement

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Vivo V30e to Debut in India on This Date; Key Features, Colours Revealed
  2. Ray-Ban Meta Smart Glasses: Versatile and Practical
  3. Meta Claims Its Newly Launched Llama 3 AI Outperforms Gemini 1.5 Pro
  4. Apple's Rumoured 12.9-Inch iPad Air May Arrive With This Display Upgrade
  5. With Tencent's InstantMesh, You Can Convert Any Image Into a 3D Render
  6. OTT Releases This Week: Rebel Moon Part 2, Article 370 and More
  7. HMD Unveils The Boring Phone With No Access to Internet
  8. Nothing Phone 2 Gets NothingOS 2.5.5 Update With ChatGPT Integration
  9. Samsung Galaxy M35 5G India Support Page Goes Live
  10. Google Maps to Show EV Charging Stations, Public Transport Options Soon
#Latest Stories
  1. Meta AI Gets Upgraded With Llama 3 to Add New Features, Better Integration
  2. Vivo V30e India Launch Date Set for May 2; Design, Colourways, Key Specifications Revealed
  3. Itel Super Guru 4G Feature Phone With YouTube, UPI Support Launched in India: Price, Specifications
  4. Apple HomePod LCD Display Component Image Leak Hints at Arrival of Upgraded Model
  5. Bitcoin Price Above $61,000, Ether and Majority Altcoins See Losses Ahead of BTC Halving
  6. Kingdom Come: Deliverance 2 Announced With Visceral Reveal Trailer, Will Arrive Later This Year
  7. Meta Llama 3 AI Models With 8B and 70B Parameters Launched, Said to Outperform Google’s Gemini 1.5 Pro
  8. Apple Tipped to Equip Purported 12.9-inch iPad Air Model With Mini LED Screen
  9. New OTT Releases This Week: Rebel Moon Part 2, Article 370, All Indian Rank and More
  10. Google Maps Makes It Easier to Find EV Chargers, Search Now Shows Sustainable Travel Options
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »