Date: Tue, 22 Mar 2016 15:04:50 -0600
From: Scotty Bauer <sbauer@....utah.edu>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2015-1805 Linux kernel: pipe: iovec overrun leading to memory corruption

On 03/22/2016 02:58 PM, Solar Designer wrote:
> Apparently, this vulnerability is being used to root older Android
> devices, and as a result it has just been fixed for older Android:
>
> https://source.android.com/security/advisory/2016-03-18.html
>
> "Google has become aware of a rooting application using an unpatched
> local elevation of privilege vulnerability in the kernel on some Android
> devices (CVE-2015-1805). For this application to affect a device, the
> user must first install it. We already block installation of rooting
> applications that use this vulnerability - both within Google Play and
> outside of Google Play - using Verify Apps, and have updated our systems
> to detect applications that use this specific vulnerability.
>
> To provide a final layer of defense for this issue, partners were
> provided with a patch for this issue on March 16, 2016. Nexus updates
> are being created and will be released within a few days. Source code
> patches for this issue have been released to the Android Open Source
> Project (AOSP) repository."
>
> The advisory above includes a bit more information, including links to
> AOSP commits, but no information on how the vulnerability is exploited,
> nor even the names of the "rooting applications".
>
> I heard of this from a tweet by @DaveManouchehri, asking for "the APK
> (or name) of the app that's exploiting CVE-2015-1805" - unfortunately, I
> have no answer.

Kingroot is the application it was discovered in by the Zimperium folks.