Project

General

Profile

Issue #1299

(Yet another) MediaServer vulnerability - CVE-2015-3842

Added by My Self over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Security
Target version:
Start date:
03/30/2015
Due date:
% Done:

100%

Estimated time:
Resolution:
fixed
Device:
Grant:


Files

#1

Updated by My Self over 5 years ago

  • File audio-effects-fix-heap-overflow.patch added

I've found a POC app here: https://code.google.com/p/android/issues/detail?id=177610
and tested it on my Replicant (4.2) setup. Surprisingly I can't get my MediaServer to crash with that app, (but it could be I just waited to short, because "the mediaserver component will crash at a random function", the blog says).
Just try it on your own, if you like...

Theoretical Replicant should be affected to that vulnerability, so I strongly recommend to apply the patch "audio-effects-fix-heap-overflow.patch", which is attached.

After merging this patch I've recompiled/reflashed Replicant 4.2 for my device without any misbehavior, and tested the functionalities for several hours, now.
After that I use the POC app again, to check if I could bring the mediaserver component to crash, which wasn't the case, (again).

@everyone: please review the patches and apply it if you like.

#2

Updated by My Self over 5 years ago

  • % Done changed from 0 to 100
#3

Updated by My Self over 5 years ago

  • File deleted (audio-effects-fix-heap-overflow.patch)
#5

Updated by Paul Kocialkowski over 5 years ago

  • Status changed from New to Closed
  • Resolution set to fixed

Merged, thanks a lot!

Also available in: Atom PDF