Do we get an absolutely essential fix for the Stagefright vulnerabilities (some are remotely attackable)?
asked 2015-07-27 23:14:16 +0200
This post is a wiki. Anyone with karma >75 is welcome to improve it.
As Stagefright is the "Android Flashplayer", this does NOT only affect users of aliendalvik, as libstagefright is present in /system/lib (<- BULLSHIT!). So all Jolla device users are hit by those vulnerabilities [unfixed status Apr'2017]:
CVE-2015-6602 CVE-2016-0803 CVE-2016-0810 CVE-2016-0815 CVE-2016-1621 CVE-2016-0826 CVE-2016-0827 CVE-2016-0829 CVE-2016-0837 CVE-2016-0838 CVE-2016-0841 CVE-2016-2416 CVE-2016-2417 CVE-2016-2428 CVE-2016-2429 CVE-2016-2448 CVE-2016-2449 CVE-2016-2450 CVE-2016-2451 CVE-2016-2452 CVE-2016-2459 CVE-2016-2460 (recent vulnerabilities...)
New ones added June 2016: critical: CVE-2016-2463 CVE-2016-2464; high: CVE-2016-2476 CVE-2016-2477 CVE-2016-2478 CVE-2016-2479 CVE-2016-2480 CVE-2016-2481 CVE-2016-2482 CVE-2016-2483 CVE-2016-2484 CVE-2016-2485 CVE-2016-2486 CVE-2016-2487 CVE-2016-2495; moderate: CVE-2016-2499
New ones Jul 2016: critical: CVE-2016-2506 CVE-2016-2507 CVE-2016-2508; high: CVE-2016-3745 CVE-2016-3746 CVE-2016-3747 CVE-2016-3753 CVE-2016-3754 CVE-2016-3756; moderate: CVE-2016-3764 CVE-2016-3766
New ones Aug 2016: critical: CVE-2016-3819 (remote), CVE-2016-3821 (remote); high: CVE-2016-3823 CVE-2016-3824 CVE-2016-3826 CVE-2016-3830; moderate: CVE-2016-3835
critical: CVE-2016-3861 CVE-2016-3862; high: CVE-2016-3863, CVE-2016-3870 to -3872, CVE-2016-3879 to -3881
Oct '16: high: CVE-2016-3909 CVE-2016-3910 CVE-2016-3913 CVE-2016-3920
Apr '17: critical: CVE-2017-0541; high: CVE-2017-0547; moderate: CVE-2017-0558
So don't use the Android browser, and be afraid of a HummingBad infection.
EDIT 20151022: Vulnerability is fixed in System-Update 2.0.0
excerpt from changelog:
Backport stagefright vulnerability fix.
EDIT 20160320: The Android component is still not completely fixed. lpr, in a comment below:
no, google is still fixing it up. The vulnerability was more complex and not done with a simple fix... still on the agenda
Interesting link: upcoming drive-by infection of Android (the very CVE described in the article is fixed in Jolla...)
Original Post:
from the linked article:
Only Android phones below version 2.2 are not affected, he added.
The weaknesses reside in Stagefright, a media playback tool in Android.
They are all “remote code execution” bugs, allowing malicious hackers to infiltrate devices and exfiltrate private data. All attackers would need to send out exploits would be mobile phone numbers, Drake noted.
From there, they could send an exploit packaged in a Stagefright multimedia message (MMS), which would let them write code to the device and steal data from sections of the phone that can be reached with Stagefright’s permissions.
# ls /system/bin
lists stagefright, so it is present on Jollas (even without aliendalvik).
# ls /opt/alien/system/lib
lists libstagefright, so it is additionally present on Jollas with aliendalvik (so on these devices you'll find 2 versions of it, both vulnerable).
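As an added example (not code from this thread or from Jolla): a small POSIX shell script that automates the `ls` checks above on a Sailfish OS device. It lists every stagefright binary or libstagefright library in the three locations the thread mentions and, where `rpm` is available, names the package owning each file so its version can be compared with the 2.0.0 update notes. The directory list, the `stagefright*`/`libstagefright*` name patterns and the `rpm -qf` lookup are assumptions about the device layout.

```shell
#!/bin/sh
# Added example, not code from the thread: automate the "ls" checks on a
# Sailfish OS device. Lists every stagefright binary / libstagefright library
# in the locations the thread names and, when rpm is available, reports the
# package owning each file so its version can be checked against the update.
# Paths, name patterns and the rpm -qf lookup are assumptions about the layout.

# Directories the thread reports: native Android layer, and aliendalvik's copy.
STAGEFRIGHT_DIRS="/system/bin /system/lib /opt/alien/system/lib"

# find_stagefright [ROOT]: print each matching file (path relative to ROOT,
# one per line); exit 0 if anything was found, 1 otherwise. ROOT defaults to /
# and exists only so the check can run against a mounted image or a test tree.
find_stagefright() {
    root="${1:-/}"
    root="${root%/}"              # "/" -> "" so "$root$d" never doubles slashes
    found=1
    for d in $STAGEFRIGHT_DIRS; do
        [ -d "$root$d" ] || continue
        for f in "$root$d"/stagefright* "$root$d"/libstagefright*; do
            [ -e "$f" ] || continue   # an unmatched glob stays literal; skip it
            printf '%s\n' "${f#"$root"}"
            found=0
        done
    done
    return "$found"
}

# owner_of FILE: name of the RPM package that owns FILE, "unpackaged" when no
# package claims it, or "rpm-not-available" when rpm is not installed.
owner_of() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -qf "$1" 2>/dev/null || echo "unpackaged"
    else
        echo "rpm-not-available"
    fi
}

# report [ROOT]: one tab-separated "<path> <owning package>" line per component.
report() {
    find_stagefright "$1" | while IFS= read -r p; do
        printf '%s\t%s\n' "$p" "$(owner_of "${1%/}$p")"
    done
}

# On a device: sh stagefright-check.sh --run   (equivalent to: report /)
if [ "${1:-}" = "--run" ]; then report "${2:-/}"; fi
```

An empty result means none of the listed locations carries a Stagefright component; a non-empty one tells you which package (for example the droid-system package mentioned in the comments) would have to ship the backported fix.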
One data point: if you install Stagefright Detector by Zimperium from the Google Store on your Jolla device running Saimaa 2.0.0.10, the test claims that it is vulnerable to CVE-2015-6602 (but none of the other tests). Anyone care to comment on what this means in practical terms?
ExTechOp ( 2016-03-21 13:37:06 +0200 )
@ExTechOp that means the detector app is outdated (version from Nov 2015); see Dec, Jan, Feb, Mar, Apr, May, Jun, Jul and Aug
lpr ( 2016-03-24 15:25:54 +0200 )
@ExTechOp there is a more recent version of Stagefright Detector from May 2016 available. Maybe you could share the vulnerabilities it finds...
lpr ( 2016-08-02 14:53:47 +0200 )
thx lpr for all the edits! I changed this thread to wiki to not fish for the karma ;)
mosen ( 2016-09-12 21:36:31 +0200 )
@coderus bullshit is exactly the word to use as an argument...
lpr ( 2017-04-28 17:40:41 +0200 )
at least my Jolla has libstagefright present in /system/lib as part of droid-system-sbj, and droidmedia and gstreamer1.0-droid DO use the Android codecs h264dec & enc and others... so what's the point?