VoLTE

In early 2023, a Korean developer launched the "Pixel IMS" app, enabling VoLTE and VoWiFi on unsupported carriers for Pixel users. A recent Google update in October 2025 disrupted this functionality by closing a loophole that allowed the app to access the overrideConfig API, resulting in the app crashing when users tried to toggle these features. The overrideConfig API is restricted to apps with the MODIFYPHONESTATE permission, typically reserved for privileged system applications. The Pixel IMS app had previously used Shizuku, an open-source tool, to gain elevated privileges and access the API. Google reclassified the loophole as a high-severity privilege escalation vulnerability but did not include it in the latest security bulletin. The update added a check to the overrideConfig API, blocking access from the shell user. In response, the developer created a workaround that indirectly calls the API through an Instrumentation component, circumventing the restriction. However, this workaround is vulnerable to future patches from Google, which could remove the necessary permissions from the shell app.