CVE-2018-21043

Vulnerability

An information disclosure vulnerability exists in the g2d_drv driver on Samsung mobile devices using Exynos 9810 chipsets running Android O(8.x) and P(9.0). The issue is due to inappropriate logging that reveals a kernel memory pointer, as described in Samsung's security advisory with ID SVE-2018-13035 (December 2018). Affected versions include devices with these chipset and OS combinations. [1]

Exploitation

No attacker interaction or special privileges beyond normal system access are required to observe the leaked kernel pointer; the pointer is exposed in the system log output generated by the g2d_drv driver under normal operation. The attacker would need the ability to read kernel logs (e.g., via dmesg or similar interfaces) which may be restricted but could be obtained through another vector or by an already-compromised process. [1]

Impact

Successful reading of the kernel pointer aids in bypassing Kernel Address Space Layout Randomization (KASLR), enabling further memory corruption or privilege escalation attacks. The impact is limited to information disclosure; the pointer itself does not directly provide code execution or data modification. [1]

Mitigation

Samsung has addressed this issue in a security update released as part of the monthly maintenance release process, according to the SVE-2018-13035 advisory. Users should install the latest firmware for their device from Samsung to apply the fix. No workaround is available for unpatched devices. [1]