[Replicant] Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks
Denis 'GNUtoo' Carikli
GNUtoo at cyberdimension.org
Fri Mar 24 22:29:24 UTC 2023
On Wed, 22 Mar 2023 19:19:40 -0000
John via Replicant <replicant at osuosl.org> wrote:
> Does this affect Replicant devices too?
>
> https://www.darkreading.com/attacks-breaches/samsung-chipset-vulnerabilities-android-users-rce-attacks
I'm not sure if Replicant devices are affected too, though:
- It's relatively easy to find vulnerabilities in Samsung modems more
recent than the ones supported by Replicant, so it would be
surprising if it wasn't easy to also find similar vulnerabilities in
the modems of Replicant compatible smartphones.
- Replicant 6.0 probably has many unpatched vulnerabilities because
it's based on a LineageOS version that isn't maintained anymore. Some
are probably serious and easily exploitable (like the ones in
Webview, the browser component used in many Android applications).
Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20230324/029f5244/attachment.asc>
More information about the Replicant
mailing list