Google patches last Quadrooter vulnerabilities in Android

Sep

7

2016

Google has the last Quadrooter leaks poem with a new patch round. Writing the company in its latest security bulletin. Two of a total of four vulnerabilities were unresolved. Google also explained how the Stage Fright leak is prevented in nougat.

At the recently-sealed leak involves CVE-2016-5340 and CVE-2016-2059, that states the message from Google. The first leak was in the Android subsystem for the allocation of memory and made it possible for an attacker to execute arbitrary code. The second leak was in the ipc_router, which handles communication between Qualcomm components. These vulnerabilities are part of the four leaks which have been given the name Quadrooter together.

They were by the security company Check Point in August discovered and are located in the Qualcomm drivers for Android. The first estimate of the company was that would affect the leak ‘hundreds of millions’ devices, but this was later denied by Google. As suggested Google to devices running Android 4.2 or higher are protected by the “verify apps’ function, although they are still vulnerable. Initially it was reported that three of the four Quadrooter vulnerabilities were already closed, but two leak was not yet known if there would be a patch.

In a post on Google Android security team has also explained how the Stage Fright leak, which actually consists of several vulnerabilities, has been addressed in the final nougat variant of Android. The team explains that the appropriate media server rebuilt. In 2015 came to light that the Stage Fright leak was located in this part of Android and enabled attacker to run code on the device of the victim, for instance by means of a special MMS.

In order to counteract this type of attack has been decided in Nougat to develop a system for detecting integer overflows, which may lead to the execution of malicious code. As soon as such an incident is noticed, Android closes the relevant process, so the security team explains. In addition, the media stack divided into several components, all of which have their own sandbox with limited privileges. In this way also an attacker limited access, and it is more difficult to attack the kernel.

Other improvements were made ​​on another site in Verified Boot, which cracked devices no longer start, and ASLR . This is complicated a buffer overflow -aanval.

Viewing:-71

In: Technology & Gadgets Asked By: [15780 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »