Google Pixel Vulnerability Allows Recovery of Cropped Screenshots

A vulnerability lurking in Google’s Pixel phones for five years allows for the recovery of an original, unedited screenshot from the cropped version of the image.

Referred to as aCropalypse and tracked as CVE-2023-21036, the issue resides in Markup, the image-editing application on Pixel devices, which fails to properly truncate edited images, making the cropped data recoverable. Reverse engineers Simon Aarons and David Buchanan, who identified the bug, point out that it has existed since 2018 and that it resulted from a code change that Markup was not updated to follow.

Specifically, in the move from Android 9 to Android 10, the parseMode() function was modified so that a file is overwritten with a truncated one only if the argument ‘wt’ is passed to it. Previously, the argument ‘w’ was enough for the same operation. Markup’s behavior was not changed and it continued to pass ‘w’, so although it did write the cropped image, it did not tell the OS to truncate the file to the smaller version, and the remainder of the original image was left at the end of the file.

The researcher also points out that the change from ‘w’ to ‘wt’ was only documented in 2021, when a bug report was submitted. Google addressed the vulnerability with the March 2023 security update for Pixel devices, which patches more than 120 bugs, aside from the issues resolved with the March 2023 Android update.

Aarons and Buchanan released proof-of-concept (PoC) code targeting the vulnerability and explain that, even if the flaw is patched, it still represents a potential privacy issue: any screenshots cropped before the patch can be at least partially restored to the original. Buchanan points out that the bug existed for about 5 years before being patched, which is mind-blowing given how easy it is to spot when you look closely at an output file.

In conclusion, Google’s Pixel phones have been found to have a vulnerability that allows for the recovery of an original, unedited screenshot from the cropped version of the image. This vulnerability, tracked as CVE-2023-21036, has existed since 2018, and was addressed by Google in the March 2023 security update. Even though the vulnerability is patched, any screenshots cropped before the patch can be at least partially restored to the original, making it a potential privacy issue.

Key Points:

  • Google’s Pixel phones have a vulnerability that allows for the recovery of an original, unedited screenshot from the cropped version of the image.
  • The bug was tracked as CVE-2023-21036 and has existed since 2018.
  • Google addressed the vulnerability in the March 2023 security update for Pixel devices.
  • Even though the vulnerability is patched, any screenshots cropped before the patch can still be partly restored to the original.
