Issue #1299
closed(Yet another) MediaServer vulnerability - CVE-2015-3842
100%
Description
Android versions 2.3 to 5.1.1 should be affected, so Replicant is it, too.
More details: http://blog.trendmicro.com/trendlabs-security-intelligence/mediaserver-takes-another-hit-with-latest-android-vulnerability/
Solution/Patches
AOSP patch: https://android.googlesource.com/platform/frameworks/av/+/aeea52da00d210587fb3ed895de3d5f2e0264c88
Files
Updated by My Self about 9 years ago
- File audio-effects-fix-heap-overflow.patch added
I've found a POC app here: https://code.google.com/p/android/issues/detail?id=177610
and tested it on my Replicant (4.2) setup. Surprisingly I can't get my MediaServer to crash with that app, (but it could be I just waited to short, because "the mediaserver component will crash at a random function", the blog says).
Just try it on your own, if you like...
Theoretical Replicant should be affected to that vulnerability, so I strongly recommend to apply the patch "audio-effects-fix-heap-overflow.patch", which is attached.
After merging this patch I've recompiled/reflashed Replicant 4.2 for my device without any misbehavior, and tested the functionalities for several hours, now.
After that I use the POC app again, to check if I could bring the mediaserver component to crash, which wasn't the case, (again).
@everyone: please review the patches and apply it if you like.
Updated by My Self about 9 years ago
- File deleted (
audio-effects-fix-heap-overflow.patch)
Updated by My Self about 9 years ago
Updated by Paul Kocialkowski about 9 years ago
- Status changed from New to Closed
- Resolution set to fixed
Merged, thanks a lot!