Google Android Stagefright Multimedia Vulnerabilities

Answer ID 3810
Published 11/13/2015 03:17 PM
Updated 09/15/2016 10:21 AM
Google Android Stagefright Multimedia Vulnerabilities:

CVE-2015-1538: Integer overflows during MP4 atom processing

CVE-2015-1539: An integer underflow in ESDS processing

CVE-2015-3824: Integer overflow in libstagefright when parsing the MPEG4 tx3g atom

CVE-2015-3826: Unbounded buffer read in libstagefright while parsing 3GPP metadata

CVE-2015-3827: Integer underflow in libstagefright when processing MPEG4 covr atoms

CVE-2015-3828: Integer underflow in libstagefright if size is below 6 while processing 3GPP metadata

CVE-2015-3829: Integer overflow in libstagefright processing MPEG4 covr atoms

CVE-2015-3864: Integer overflow in libstagefright when processing 'tx3g' MP4 atom
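The CVE summaries above name two arithmetic bug classes: an unsigned underflow when a declared size is smaller than a fixed header ("size is below 6"), and an integer overflow when sizes are added. The following is an added illustration of both, each beside a checked form. It is not libstagefright or NVIDIA code; the function names, the META_HDR constant, and the sample values are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical fixed header length of a metadata record. The value 6 mirrors
   the "size is below 6" condition in the CVE-2015-3828 summary. */
#define META_HDR 6u

/* Unsafe pattern: for size < 6 the unsigned subtraction wraps to a huge
   length, which a later copy or read would then trust. */
size_t payload_len_unchecked(size_t size) { return size - META_HDR; }

/* Checked form: reject short records before subtracting. 0 on success. */
int payload_len_checked(size_t size, size_t *out) {
    if (size < META_HDR) return -1;
    *out = size - META_HDR;
    return 0;
}

/* Unsafe pattern: a 32-bit sum of the bytes already held and a declared
   chunk size wraps, so the allocation sized from it is too small. */
uint32_t grow_unchecked(uint32_t have, uint32_t chunk) { return have + chunk; }

/* Checked form: the declared chunk must fit in the input that is actually
   left, and the sum must not wrap. 0 on success. */
int grow_checked(uint32_t have, uint32_t chunk, uint64_t remaining,
                 uint32_t *out) {
    if (chunk > remaining) return -1;          /* size exceeds the input */
    if (chunk > UINT32_MAX - have) return -1;  /* have + chunk would wrap */
    *out = have + chunk;
    return 0;
}

int main(void) {
    size_t n = 0;
    uint32_t total = 0;
    /* Constructed sample values, not taken from any real media file. */
    printf("unchecked payload length for size 4: %zu\n",
           payload_len_unchecked(4));
    printf("checked, size 4: %d\n", payload_len_checked(4, &n));
    printf("unchecked sum: 0x%x\n",
           (unsigned)grow_unchecked(0xFFFFFFF0u, 0x20u));
    printf("checked sum: %d\n",
           grow_checked(0xFFFFFFF0u, 0x20u, 1000, &total));
    return 0;
}
```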

Vulnerability Description:

The Google Android operating system's multimedia engine, known as Stagefright (or libstagefright), is affected by several vulnerabilities that may enable a remote attacker to cause a denial of service or execute arbitrary code with elevated permissions.

Exploit Scope and Risk:

The Google-provided binary "libstagefright" typically runs in a process with elevated privileges. When exploited, this may allow an attacker to access privileged functions, such as the camera, microphone, and speakers.

The CVSS Risk assessment is listed below.

CVSS Base Score - 10

Exploitability sub-score - 10

Access Vector: Network

Access Complexity: Low

Authentication: None

Impact sub-score - 10.0

Confidentiality Impact: Complete

Integrity Impact: Complete

Availability Impact: Complete

CVSS temporal sub-score - 7.8

Exploitability: Proof of concept exists

Remediation Level: Official fix

Report Confidence: Confirmed

CVSS Environmental Score - [determined by user]

NVIDIA's risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. We recommend consulting a local security or IT professional to evaluate the risk of your specific configuration.

Vulnerable Configurations:

This vulnerability affects NVIDIA products running the Android operating system including TegraNote 7, SHIELD Portable, SHIELD Tablet, and SHIELD Android TV.

Vulnerability Discovery:

Discovery is credited to Joshua J. Drake of Zimperium, who reported it to the Android team at Google. Google subsequently informed its product partners, including NVIDIA.

Fix:

NVIDIA recommends that users run the latest software available. Refer to the table below for software versions containing fixes for this issue.

| Product | Patched SHIELD Software Version |
| --- | --- |
| SHIELD Portable | OTA 6.1 |
| SHIELD Tablet | OTA 3.1.1 |
| SHIELD Android TV | OTA 2.1 |

Mitigations:

Exposure may be reduced by avoiding untrusted websites, applications, and storage media (such as SD cards, USB storage, or network storage), which may contain malicious media files targeting this vulnerability.

As always, observe safe computing practices by:

· Keeping your devices updated with the latest patches at all times.

· Only downloading or executing content and programs from trusted third parties.

· Using a lock screen to protect your device from unauthorized use.

· Being wary of rooting, custom recovery software, and other modifications that may compromise the device's security.
