The issue exists due to uninitialized data provided to the kernel heap memory read routine, leading to information disclosure. The routine reads uninitialized data from the user-space heap, leading to local information disclosure. This could be exploited by an attacker by providing specially crafted input to the kernel heap memory read routine. No additional user interaction is needed. The result would be information disclosure. This issue does not affect devices running Android 7.0 and lower.End user detection is not possible due to the exploitation mechanism being from uninitialized data. This issue does not affect most Android devices as the vast majority of them do not have a SD card. However, it is still worth noting as it can lead to local information disclosure. On the other end, kernel heap memory is used to store critical system data, such as memory dumps and crash logs. As a result, an attacker could potentially gain access to those types of data. - Source

CVE-2023-20009

The issue exists due to a memory leak in the Linux kernel that allows attackers to cause a denial of service (memory exhaustion) by triggering repeated use of the unix_dgram_sendmsg system call.

Android 6.0 and 5.0-5.1 Booting Process Overview

The Android boot process starts at the moment of reset in the main application processor, and transfers control over to the Android kernel. The kernel uses a stacked Linux-like design, in which the low-level device drivers are located on a separate layer from the virtual memory management software. This is done to isolate themselves from changes in system configuration, as well as to speed up reboots by not loading kernel modules that aren't needed during boot time. In practice, this separation means that any driver errors will be caught at the lower level and won't affect other components of the system. All drivers for hardware on an Android device must be signed with a key matching one of these seven signing certificates:

Timeline

Published on: 05/10/2022 20:15:00 UTC
Last modified on: 05/16/2022 16:04:00 UTC

References