Issue #1311
Closed: Android KeyStore Stack Buffer Overflow - CVE-2014-3100
Description
Replicant seems not to be affected by the vulnerability, as discussed here: http://redmine.replicant.us/boards/39/topics/8283?r=10425#message-10425
More details: https://securityintelligence.com/android-keystore-stack-buffer-overflow-to-keep-things-simple-buffers-are-always-larger-than-needed/
But why not add the "test for keystore crashing" patch anyway?
Solution/Patches
AOSP patch: https://android.googlesource.com/platform/cts/+/cb35803
Files
Updated by My Self about 9 years ago
- File CVE-2014-3100.zip added
I've applied the patch "Test-for-keystore-crashing-due-to-malformed-names.patch" to my local Replicant sources.
Additionally, I [git add]ed these files at the following paths:
- tests/tests/security/src/android/security/cts/KeystoreExploitTest.java
- tests/tests/security/src/android/security/cts/Proc.java
Because of this, I provide the patch as a zipped patchset, "CVE-2014-3100.zip", which is attached.
Replicant <= 4.2 should not be affected by this vulnerability, but I would recommend applying this CTS "test for keystore crashing" patch anyway.
After merging this patch I recompiled and reflashed Replicant 4.2 for my device without any misbehavior, and have now been testing its functionality for several hours.
@everyone: please review the patches and apply them if you like.
Updated by My Self about 9 years ago
- File CVE-2014-3100.zip added
Updated by Paul Kocialkowski about 9 years ago
Well, since this only impacts the CTS, it won't benefit users in any way. Since I'd like to keep the diff between Replicant and CM to a minimum, perhaps we could consider dropping this?
Updated by My Self about 9 years ago
Considering that Replicant (4.2) isn't vulnerable to this (CVE-2014-3100), I could live with dropping this (fully CTS-related) patch.
Well, it was worth an offer :)
Updated by Paul Kocialkowski about 9 years ago
- Status changed from New to Rejected
- Resolution set to invalid