PT-2024-13802 · Kernelsu · Kernelsu

Qwerty472123 · Published 2024-01-02 · Updated 2024-01-08 · CVE-2023-49794

CVSS v3.1: 6.7 (Medium)

Vector: AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

KernelSU versions 0.7.1 and prior

Description

KernelSU is a kernel-based root solution for Android devices. The logic that obtains the APK path in the KernelSU kernel module can be bypassed, allowing any malicious APK with the package name me.weishu.kernelsu to gain root permission. If a device with the KernelSU module installed attempts to install any unverified APK whose package name equals that of the official KernelSU Manager, that APK can assume root privileges on the device.

Recommendations

For KernelSU versions 0.7.1 and prior, there is currently no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the installation of APKs whose package name equals that of the official KernelSU Manager to minimize the risk of exploitation. Avoid installing unverified APKs, especially those named me.weishu.kernelsu, until a patch is available.

Exploit

Weakness Enumeration

Authentication Bypass by Spoofing

Related Identifiers

CVE-2023-49794
GHSA-8RC5-X54X-5QC4

Affected Products

Kernelsu