
NireBryce
@NireBryce

ATTENTION: if you have a google pixel 6+ or a galaxy S22 or medium-to-lower-end samsung galaxy phone in the last few years, you need to turn off Voice/video over LTE, and Wifi Calling, as soon as you can. there's instructions in the article at the bottom of this post

edit3: maybe not VoLTE as it might just straight up disable your ability to call (i can't check, p6 doesn't have the option), but in those cases if you have Google voice you might be able to set up call forwarding for now

there's a remote code execution vulnerability in your phone's baseband firmware. they're disclosing early, but not disclosing the vulns, so there's a chance it's not in the wild yet, but people may start trying to reverse engineer it from the details

check if your car or watch are vulnerable, if they also run android.
edit: I believe on the pixels, they've moved to 5g so VoLTE isn't there. I'd still maybe disable video-over-carrier just in case.
edit2: maybe not, check comments
edit 4: Check bottom for errata

it goes directly from internet to baseband-level (tl;dr: the second OS inside your phone that powers the LTE/5G modem) remote code execution. This is morally equivalent to getting code running on your WiFi card [something with direct low-level access to everything your phone does].

Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.

I haven't looked deep enough to know if they've found anything in the wild, but after things are announced is the time to be... even more careful, because, well, now even more people will be looking for it.

errata:


in reply to @NireBryce's post:

Oh man that’s crazy. I wonder if USA market Samsung devices are affected, since they use Qualcomm SoCs, and to my knowledge their modems too. It would be ironic if the Pixels were affected, since Google’s chips are descended from Exynos, but Samsung’s own devices in the US weren’t.

Thank you for posting this! I wouldn't likely have noticed this any time soon if you hadn't. I have at least one discord friend who also has a pixel phone (I would assume with WiFi calling off, because it drops calls with it on, but, you never know, and you never know who might have one of those Samsung phones).

I personally never turned on wi-fi calling on my Pixel 6a because of all the reports that Pixel 6 series phones constantly dropped calls with it turned on, which seemed kinda sus (and made the feature worthless even if there wasn't an exploit there waiting to be found). I didn't imagine it being quite this severe, though. At least this one is actually patchable, unlike the Bluetooth exploit a few years back which I remember affected my old phone.

Unfortunately this is exactly what I've done, because otherwise my phone will try to use even the weakest, flakiest 5G signal available while LTE is perfectly useable. I guess I could switch to 3G, but it's not clear to me if that setting impacts just data or voice too.

VoLTE is "Voice over LTE". This is calling with digital audio over cellular data so the phone doesn't have to fall back to 2G/3G analog voice stream. If you have a recent phone, you're using it, even if your data is 5G.

Most carriers require it to officially support devices because 2G/3G calling is extremely congested in urban centers and sometimes devices still depending on it will never ring for calls.

oof. like others are saying, VoLTE is not toggleable for my device. maybe i can mitigate this with wifi calling and video-over-carrier disabled and 3G network preference? not sure.

yes, but i believe both lte and 5g can be disabled with a network preference for 3g?

it does not work for me in any case, as i don't seem to have 3g coverage here, so my pixel just disconnected from the cell network entirely. but i think it could have

i may also try disabling mobile data - since i am guessing volte is tied to that? but that's a big cost to pay to stay protected. not sure.

Yes VoLTE is specific to 4g, it's not available if you switch to 3g. I test out some 5g stuff at work and I also see the VoLTE symbol at the top of the phone even when it's connected purely to 5g architecture. I'm not really knowledgeable in the specifics of the exploit or the specifics of the role VoLTE plays in 5g, but the symbol seems to indicate it plays some role.