Google Pixel / Android Lock Screen Bypass

There is a possible lock screen bypass due to a logic error in the Android code.
The issue allowed an attacker with physical access to bypass the lock screen protections (fingerprint, PIN, etc.) and gain complete access to the user’s device.
The vulnerability is tracked as CVE-2022-20465, and it might affect other Android vendors as well.

It’s also worth reading this article to understand how the bypass was found and how the report progress went.

This post is of course not intended to encourage you to take advantage of this, but make sure to update your device as soon as possible.

4 Likes

It worked on my Google Pixel 3a… disturbing, this…

I wonder if this works with a GrapheneOS and CalyxOS Pixel as well.

It does, I tested on both.

However, CalyxOS is the only one that patched some older Pixels, and GrapheneOS didn’t patch them, so if anyone here is using a Pixel 3 or 4 series phone, I’d highly suggest they use CalyxOS instead of GrapheneOS!

1 Like

Damn, I hope Google rolls out some patch real fucking fast.

They have done that already (for the new Pixel phones); the end-of-life Pixel phones didn’t receive a patch, nor will they ever. CalyxOS did a great job here for us.

4 Likes

As @CharAznable said, the patch for this came out in the November 2022 security update.

The latest versions of GrapheneOS and CalyxOS include Google’s November 2022 security patch, which addresses the lock screen bypass CVE.

Yeah, even if I prefer GrapheneOS, if your device is unsupported just go with CalyxOS.
Better to give up a part of your security than to use an unsupported device.

Another reason to ditch Google’s Android and use GNU/Linux. Using the Pinephone w/ PostmarketOS rn and can confirm it’s really great for security/privacy. GNU/Linux is itself very secure, and combined with the high security of the Pinephone, it’s just a match made in heaven for privacy/security.

Unrelated Discussion

Trying to reason with you is just a waste of time since you have demonstrated in your other posts how big of a GNU shill you are. (mods pls don’t take this as a name-calling attack, it’s not.) Still I will try my best as I have nothing better to do.

There aren’t any security chips present in the Pinephone as of today. It uses a trivial-to-bypass PGP-based verification to verify the integrity of the kernel. That’s all it has for security. (No UEFI Secure Boot or TPM-based validation or anything like that.) Android, on the other hand, has full verified boot chained with the bootloader. The hardware kill switches do nothing to improve the security of your Pinephone. Android, on the other hand, uses strict SELinux policies for accessing camera permissions and other stuff which cannot be bypassed. Memory corruption bugs do occur in these cases; however, Android has reasonable protections in place (nothing is perfect). There isn’t any “high security” on the Pinephone, sorry to hurt your feelings.

No sources?

I think in this kind of situation the best thing you can do is reply to the concerns you have about the other person’s comments rather than addressing the other person directly in a negative light. Lots of folks have seen how @l00ker behaves and that combative nature may get attention from the mods at some point.

In this forum we’re trying to have discussions in respectful ways and acknowledge other people’s opinions, preferences, and threat models. Sometimes we’ll think folks are wrong, but we gotta have grace to let things slide for the sake of the culture of the forum. That is, until things cross the line to where moderators have to get involved. In the meantime, people who are unpleasant to talk to will drive others away.

2 Likes

ThreatWire now made a video about the lock screen bypass 🙂