Skip to main content

QuadRooter - the flaw that can affect millions of Android devices

A set of 4 critical Android vulnerabilities were recently published by CheckPoint. Successful exploitation of any of these exploits can give the attacker root privileges on the affected device. It is possible for an attacker to construct a malicious app that triggers these exploits with no need for special privileges making these vulnerabilities extremely dangerous. 

The vulnerabilities were found in the software drivers that accompany Qualcomm chipsets. Thereby any Android device using Qualcomm chipset is vulnerable, this counts to nearly 900 million smartphones and tablets.

The report by CheckPoint goes into the finer details about the vulnerabilities but below is a high level description of the same:

CVE-2016-2059:
The vulnerability is present in a kernel module introduced by Qualcomm called ipc_router that provides inter-process communication where it is possible to convert a regular socket (CLIENT_PORT) into a monitoring socket (CONTROL_PORT).

CVE-2016-5340:
Ashmem is Android's memory allocation sybsystem that enables processes to efficiently share memory buffers. Devices using Qualcomm chipsets use a modified version of ashmem, the vulnerability is in one of the functions in this version of ashmem.
Attackers can trick get_ashmem_file function to think that an arbitrary file called "ashmem" is actually an ashmem file.

CVE-2016-2503 and CVE-2106-2504 are related to Qualcomm's GPU component Kernel Graphics Support Layer:

  • CVE-2016-2503:
    One of the GPU components - Kernel graphic Support Layer - has a module kgsl_sync that is responsible for syncing between CPU and the apps. Within this module is a function that is prone to race condition flaw that can be exploited
  • CVE-2016-2504:
    A user space process can allocate and map memory to GPU, thereby it can create/destroy kgsl_mem_entry which represents an object that uses GPU memory. This object is bound to a process using GPU mapping mechanism or the "idr" mechanism. But since there is no access protection enforced, this object can be freed by another thread.

The report states that Qualcomm has released patches to OEM's (Original Equipment Manufacturers) and the open source community between April and end of July. Google has confirmed that its Verify Apps feature already blocks QuadRooter exploit.

At the moment there are no instances of malicious apps misusing these vulnerabilities in the wild. We will keep an eye on the Android landscape and provide protection against threats that exploit these vulnerabilities.

Source : Dell SonicWall Security Center

Have a good time.
(Be knowledgeable, pass it on then)

Comments

  1. Rash from Grover's Disease can be extraordinarily irritated. Natural Treatment decrease itching ordinarily start with high-power steroid creams, for example, triamcinolone or clobetasol, beside with antihistamines. Natural Remedies for Grover's Disease provides the relief from skin disorders. It helps to reducing rashes from skin that occur from Grover’s Disease.

    ReplyDelete

Post a Comment

Popular posts from this blog

Link Aggregating with Synology NAS and Cisco Switch

I’d like to share how to setup Link Aggregating between Synology NAS and Cisco Switch. I’ve got one Synology NAS with 4 Network Ports and I’m going to use 2 of them. Both Network Port to be as one Logical Link, Fault Tolerance and Load Balancing. To do that, I need to configure Link Aggregating on Synology NAS and EtherChannel with LACP on Cisco Switch. Below is brief steps to do to meet with my requirements. - Get connected Synology NAS and Cisco Switch as shown in picture. - Bonding two Network Ports of Synology NAS and assign IP Address - Configure EtherChannel with LACP in Cisco Switch and add two physical ports as Member. OK. Let’s begin from Synology NAS. - Login to the Synology and go to Control Panel>Network>Create>Create Bond - Select IEEE 802.3ad to get Fault Tolerance and Load Balancing Featureyou’re your switch not support 802.3ad you can only select Fault Tolerance only feature). After that click “Next”. - Choose the network port f

Fortigate guide for Begineer - 6

I would like to explaine how to troubleshoot the Fortigate Unit configured by Transparent Mode in step by step this time. Let's assume, you have one Fortigate Unit that configured as Transparent Mode. But devices from Internal/Private Network unable to access Internet/Public Network through your Fortigate Unit. OK. Let's troubleshoot with following steps, 1) Check the physical network connections between the network and the FortiGate unit, and between the FortiGate unit and the Internet. 2) Check the router and ISP-supplied equipment to make sure it is operating correctly. 3) Verify that you can connect to the internal interface by connecting to the management IP address of the FortiGate unit from the Internal network. From the internal network, attempt to ping the management IP address. If you cannot connect to the internal interface, verify the IP configuration of the PC and make sure the cables are connected and all switches and other devices on the network are powered on a

Solving the "A general system error occured:Invalid fault" error in vSphere 4

Below error was come out when you try to migrate VM to other host for some reason. Below error was come out when you try to edit VM setting. Below error was come out when you power on the VM. How to solve those error? Here is how I resolve the error! Login to the Host that errored VM exist by using Terminal or Direct Console. Enter below command and press enter. services.sh restart Wait until all VMware Services are restarted. After that try to Power On/Edit Settings or Migrate the errored VM and you will see all you can do without any error pop-up. This kind of errors can occur if you shutdown/restart VM unproperly or shutdown/restart the Host unproperly that VM exist. You can check log file deeply if you willing to know precisely on this. May you all be happy. (Be knowledgeable, pass it on then)