CVE-2022-20340 – Android OS user activity information disclosure via side-channel vulnerability

Description

In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploitation

The vulnerability was discovered as part of research into side-channel vulnerabilities exposed through Android NDK / libc functions.

More details are available at the following URL:

https://arxiv.org/pdf/2204.05911.pdf

Impact

By exploiting the vulnerability, it would be possible to infer, under certain conditions, the websites accessed using a browser on a specific Android device.

Remediation

To fix the vulnerability, it is necessary to update the Android OS to Android 13.

Credits

Valerio Brussani (valbrux) – NoZero
