Futex (aka Towelroot) vulnerability - CVE-2014-3153
I hope it's a good idea to open a bug ticket about the forum topic: http://redmine.replicant.us/boards/9/topics/6903
Replicant is (at the moment) vulnerable to the Towelroot security issue.
More informations: http://zomo.herokuapp.com/blog/2014/06/21/pinkie-pies-cve-2014-3153
There seem to exist "android_kernel_samsung_exynos5410" (= AFAIK: Samsung Galaxy S4) patches for CM 11.0:
Some more (probably optional) fixes:
Hope there is an easy way to fix that behavior in Replicant.
Updated by Denis 'GNUtoo' Carikli almost 6 years ago
Maybe we should classify better the security issues.
Here it's a security bug (There is no category for that yet) and it's a privilege escalation.
Is it exploitable by f-droid applications?Since android applications are somehow sandboxed, would toweelroot work?
It uses mmap, and the sockets API.
- IS mmap prevented?
- Does CONFIG_PARANOID_NETWORK prevent using sockets that way?
Updated by My Self almost 6 years ago
To f-droid I just could repead, what I've wrote in http://redmine.replicant.us/issues/1023
It seems to work this way: "[...] the app runs some code, the code crashed [sic] android and leave it confused, in its confused state it thinks that the app should be root, then the app installs something to allow other apps to become root."
So it breaks the sandbox and should work unless I'm very much mistaken...