Android’s Critical Media-Processing and Wi-Fi Flaws Fixed by Google

Author: Vladimir Ghilien

Last updated: June 19, 2017

Thirteen new Android flaws have been patched by Google. Two of them could permit attackers to gain control over Android gadgets connected to the same wireless network, in case they have Broadcom chips.

The two critical flaws are found in the Broadcom Wi-Fi driver. They could be exploited by sending particularly crafted packets for wireless control to the attacked gadgets. These messages are able to corrupt the memory of the kernel and permit the arbitrary code execution in it, although the kernel is the most privileged area of the Android OS.

 

Onegini Mobile Security Platform Brochure download button

 

These vulnerabilities are critical, since the attack doesn’t need a user to do anything and may be exploited remotely and may end up with a complete compromise of the gadget.

Qualcomm’s Wi-Fi chips driver as well had a critical flaw that might lead to execution of arbitrary code with kernel privileges. Nevertheless, it may only be exploited by an application installed locally.

Ultimately, a third flaw was found in the Wi-Fi component and was subject to exploitation by a local app for code’s execution with system privileges. This flaw received a high rate of importance.

The new patches released by Google as well fix two crucial remote code execution flaws in mediaserver. Mediaserver is a component that deals with parsing of video and audio files. It is a critical vulnerability in the Debuggerd daemon component and one in the performance of Qualcomm event manager component for ARM processors.

The flaws in Debuggerd and the Qualcomm performance module might be exploited by local apps and the vulnerability in mediaserver might be exploited via specially created media files downloaded from Internet sites or embedded into MMS.

Google as well fixed high-impact flaws in such libraries, as libmediaplayservice and mediaserver, as well as two moderate vulnerabilities in setup wizard. These errors might lead to denial of service, security bypasses, privilege escalation, and information disclosure.

The company shared info about these vulnerabilities with its partners from the OEM on January 4 and then released firmware updates for its Nexus gadgets soon after. Android firmware that has already received these fixes should have also gotten a security patch early in February.

These patches will as well be published in the Android Open Source Project. This way, other OS’s based on Android, such as CyanogenMod, will be able to integrate the fixes.

Sign up for our newsletter