Android 14 Vulnerability: Code Execution via Bluetooth

GrapheneOS, the project that maintains a hardened build of the Android Open Source Project (AOSP), recently discovered a critical memory-safety bug in the Android 14 Bluetooth stack that could allow remote code execution. The bug is a use-after-free (UAF) that occurs during audio transmission over Bluetooth Low Energy (LE Audio).

The GrapheneOS team identified the flaw through its hardened_malloc memory allocator, which on supported hardware uses the ARMv8.5-A Memory Tagging Extension (MTE). MTE assigns a 4-bit tag to every 16-byte granule of memory and carries a matching tag in the upper bits of the pointer used to access it; when the tags disagree, as with a read through a pointer to a freed block or a write past the end of a buffer, the hardware raises a fault instead of letting the access silently corrupt memory.
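To make the tag-check mechanism concrete, here is an added software model of MTE-style tagging written for this article; it is not GrapheneOS or hardened_malloc code and does not touch real MTE hardware. It keeps a 4-bit tag per 16-byte granule of a small arena, stores the matching tag in pointer bits 56..59 (the same bits hardware MTE uses), retags granules on free, and reports a simulated tag-check fault on any mismatch. The three demo functions show a use-after-free and a one-byte linear overflow being caught, and a valid access passing. The arena size, the LCG tag generator and the function names are assumptions of this example.

```c
/* Software emulation of ARM MTE-style memory tagging (added example, not the
 * GrapheneOS hardened_malloc implementation). A 4-bit tag lives in pointer
 * bits 56..59 and a 4-bit tag is stored for every 16-byte granule; each
 * access compares them, and a mismatch is the "tag check fault" that real
 * MTE hardware would raise. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GRANULE     16u
#define ARENA_BYTES 4096u
#define NGRANULES   (ARENA_BYTES / GRANULE)
#define TAG_SHIFT   56
#define TAG_MASK    ((uintptr_t)0xF << TAG_SHIFT)

static _Alignas(16) unsigned char arena[ARENA_BYTES];
static unsigned char granule_tag[NGRANULES];    /* tag stored "in memory"     */
static size_t        alloc_granules[NGRANULES]; /* length, kept at 1st granule */
static size_t        next_granule;              /* bump-allocator cursor       */
static unsigned      rng_state = 0x9E3779B9u;   /* assumed fixed seed, demo only */

static unsigned char pick_tag(unsigned char avoid)
{
    unsigned char t;
    do {
        rng_state = rng_state * 1664525u + 1013904223u; /* LCG, fine for a demo */
        t = (rng_state >> 28) & 0xF;
    } while (t == 0 || t == avoid);                     /* 0 = untagged memory  */
    return t;
}

static uintptr_t     strip(const void *p)   { return (uintptr_t)p & ~TAG_MASK; }
static unsigned char ptr_tag(const void *p) { return (unsigned char)(((uintptr_t)p & TAG_MASK) >> TAG_SHIFT); }
static size_t        granule_of(uintptr_t a){ return (a - (uintptr_t)arena) / GRANULE; }
static int           in_arena(uintptr_t a)  { return a >= (uintptr_t)arena && a < (uintptr_t)arena + ARENA_BYTES; }

/* Allocate n bytes, tag its granules, return a pointer carrying that tag. */
void *mte_malloc(size_t n)
{
    size_t need = (n + GRANULE - 1) / GRANULE;
    if (need == 0 || next_granule + need > NGRANULES) return NULL;
    size_t first = next_granule;
    /* Pick a tag different from the neighbouring block so a linear overflow is caught. */
    unsigned char tag = pick_tag(first ? granule_tag[first - 1] : 0);
    for (size_t i = 0; i < need; i++) granule_tag[first + i] = tag;
    alloc_granules[first] = need;
    next_granule += need;
    return (void *)((uintptr_t)&arena[first * GRANULE] | ((uintptr_t)tag << TAG_SHIFT));
}

/* Free: verify the tag (catches double free), then retag the granules so a
 * dangling pointer still carrying the old tag mismatches on its next use. */
int mte_free(void *p)
{
    size_t first = granule_of(strip(p));
    if (granule_tag[first] != ptr_tag(p)) return -1;    /* bad or double free */
    unsigned char fresh = pick_tag(ptr_tag(p));
    for (size_t i = 0; i < alloc_granules[first]; i++) granule_tag[first + i] = fresh;
    return 0;
}

/* Checked load/store: return -1 (simulated SEGV_MTESERR) on a tag mismatch. */
int mte_load(const void *p, size_t off, unsigned char *out)
{
    uintptr_t a = strip(p) + off;
    if (!in_arena(a) || granule_tag[granule_of(a)] != ptr_tag(p)) return -1;
    *out = *(const unsigned char *)a;
    return 0;
}

int mte_store(void *p, size_t off, unsigned char v)
{
    uintptr_t a = strip(p) + off;
    if (!in_arena(a) || granule_tag[granule_of(a)] != ptr_tag(p)) return -1;
    *(unsigned char *)a = v;
    return 0;
}

/* Each demo returns 1 when the fault is detected, 0 when the access succeeds. */
int demo_use_after_free(void)
{
    unsigned char *buf = mte_malloc(32), v;
    mte_store(buf, 0, 0x41);
    mte_free(buf);
    return mte_load(buf, 0, &v) != 0;   /* dangling pointer: old tag, retagged granule */
}

int demo_linear_overflow(void)
{
    unsigned char *a = mte_malloc(16);
    (void)mte_malloc(16);               /* neighbour with a different tag */
    return mte_store(a, 16, 0x41) != 0; /* one byte past a lands in the neighbour */
}

int demo_valid_access(void)
{
    unsigned char *buf = mte_malloc(40), v;
    if (mte_store(buf, 39, 0x5A) != 0) return 1;
    if (mte_load(buf, 39, &v) != 0 || v != 0x5A) return 1;
    return mte_free(buf) != 0;
}

int main(void)
{
    printf("use-after-free detected: %d\n", demo_use_after_free());
    printf("linear overflow detected: %d\n", demo_linear_overflow());
    printf("valid access faulted:    %d\n", demo_valid_access());
    return 0;
}
```

The retag-on-free step is what makes the Bluetooth bug visible: a pointer that was valid before the free still carries the old tag, so the next load through it faults immediately rather than returning whatever now occupies that memory. Real MTE does the comparison in hardware on every load and store, which is why a device with MTE enabled crashes deterministically where a device without it corrupts memory in silence.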

The bug surfaced after the Android 14 QPR2 update in early March. On GrapheneOS devices with MTE enabled, the use-after-free was caught as a tag-check fault, which showed up as Bluetooth connection failures with LE Audio devices such as the Samsung Galaxy Buds2 Pro. On devices without MTE the same bug goes undetected, so the memory corruption happens silently and remains potentially exploitable.

GrapheneOS release 2024030900 fixes the bug. The remaining exposure is on devices without MTE protection, since MTE is currently available only on the Google Pixel 8 and Pixel 8 Pro. Pixel 8 users running stock Android 14 QPR2 can enable MTE under Developer options; this does not remove the bug, but it turns the use-after-free into a detected fault instead of silent memory corruption, at the cost of roughly 3% additional memory use and no measurable performance loss.

Sources: reports, release notes, official announcements.