Google Shuts Down Potentially Massive Android Bug

Terry Ganzi

Google Shuts Down Potentially Massive Android Bug

The Android ecosystem may have dodged another Stagefright-type of vulnerability.

Google’s monthly Android Security Bulletin released on Tuesday not only patched the remaining Quadrooter vulnerabilities, but also fixed another wide-ranging flaw that could allow an attacker to easily compromise—or at least brick—any Android device dating back to version 4.2.

The key to staving off another Stagefright is that yesterday’s patch features a complete overhaul of the offending jhead library, mitigating the possibility of recurring critical bugs, which, for example, continue to plague Mediaserver on an almost-monthly basis.

Tim Strazzere, director of mobile research at SentinelOne, found the vulnerability (CVE-2016-3862) and that it would require just a specially crafted jpeg file in order to exploit the issue. Strazzere, admittedly not a proficient exploit writer, said he was able to cause his brand new Nexus 6P device to crash and reboot, and added that the bug could also likely be used by an advanced attacker to gain remote code execution on an Android device. This is especially true on older versions of Android where there are fewer exploit mitigations built into the operating system.

“This bug I found specifically is in a library that tries to read Exif data out of jpegs,” Strazzere said. “Any app using that library is affected by this.”

Exif is a standard that defines formats for metadata in images recorded by digital cameras.

Strazzere tested his proof of concept exploit over Gmail and Gchat. He said no user interaction is required to trigger the bug, just that the application calling jhead parses image data from jpeg files. He said this could extend to a multitude of web-based apps including social media apps where a malicious jpeg file loaded as a profile avatar, for example, could, at a minimum, crash Android devices.

“I tested it with Gchat and Gmail, and if I send you a file, because the phone syncs and gets the email, that triggers the bug,” Strazzere said. “You don’t have to click on the image or touch the attachment. Just open email, and that would trigger the bug.”

You can read the rest of the news here: Google Shuts Down Potentially Massive Android Bug
 