Our resident mobile news expert reported yesterday on Google's monthly security updates for the company's Nexus devices, which are theoretically the purest Android implementation you'll get on the market.
Taking a closer look at the changelog, we can see what security holes Google's developers have patched up in the Android mobile OS, and it comes as no surprise, yet again, that the Mediaserver component has received updates for another RCE (Remote Code Execution) flaw.
Since Google started to put out monthly security updates last September, the Mediaserver component has been patched every month, making this the sixth consecutive time Google has addressed another glaring security hole in Android's multimedia processing unit.
The Mediaserver component is the source of the famous Stagefright vulnerabilities that affected over 1 billion devices and allowed attackers to take over Android smartphones.
Two RCE vulnerabilities fixed in Android's multimedia component
This time around, Google has outdone itself and patched not one, but two RCEs: CVE-2016-0803 and CVE-2016-0804.
As with all previous instances, an attacker could craft a malicious multimedia file and cause a memory corruption in the phone's OS, which would allow them to execute custom code on the smartphone.
Since the Mediaserver component is used by multiple other components and almost all Android apps that work with multimedia files (MMS, IM chat clients, browsers, etc.), exploiting RCE flaws in this component is generally a trivial task that only requires that a user accesses a malformed, malicious multimedia file.
Google patched seven critical issues in Android
Google's February Android security patch bonanza included 13 bugs, seven of which were labeled critical, four high, and one of moderate severity.
The critical bugs were two RCE flaws in the Mediaserver component, two RCE flaws in the Broadcom Wi-Fi driver, and three elevation of privilege issues in the Qualcomm Wi-Fi driver, the Qualcomm performance module, and the Debugger daemon.
Of these, the two RCE flaws in the Broadcom Wi-Fi driver were as easy to exploit as the Mediaserver issues, allowing attackers to execute code remotely on the device just by sending it a malformed wireless control message packet.
Android OEMs (Original Equipment Manufacturers) will integrate Google's security updates in their own customized versions of the Android OS and should be providing updates to all partner mobile operators in the upcoming days. Whether the mobile operator pushes these updates to your device is another matter altogether.
Issue | CVE | Severity |
---|---|---|
Remote Code Execution Vulnerability in Broadcom Wi-Fi Driver | CVE-2016-0801, CVE-2016-0802 | Critical |
Remote Code Execution Vulnerability in Mediaserver | CVE-2016-0803, CVE-2016-0804 | Critical |
Elevation of Privilege Vulnerability in Qualcomm Performance Module | CVE-2016-0805 | Critical |
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver | CVE-2016-0806 | Critical |
Elevation of Privilege Vulnerability in the Debugger Daemon | CVE-2016-0807 | Critical |
Denial of Service Vulnerability in Minikin | CVE-2016-0808 | High |
Elevation of Privilege Vulnerability in Wi-Fi | CVE-2016-0809 | High |
Elevation of Privilege Vulnerability in Mediaserver | CVE-2016-0810 | High |
Information Disclosure Vulnerability in libmediaplayerservice | CVE-2016-0811 | High |
Elevation of Privilege Vulnerability in Setup Wizard | CVE-2016-0812, CVE-2016-0813 | Moderate |