The page may not load correctly.
StageFright 2.0 is a vulnerability in Android OS that can be exploited by cybercriminals to execute an arbitrary code on the infected device or, at least, to cause an emergency shutdown of mediaserver. All versions of Android operating systems starting with 5.0 are subject to this vulnerability. It should be noted that Android 4.1 possesses the ASLR mechanism (Address Space Layout Randomization), which makes creation of a working exploit for this vulnerability more difficult.
To be able to use StageFright 2.0, cybercriminals need to plant a specially generated MP3 or MP4 file on the compromised devise by any possible means. At that, no user interference is required.
If Dr.Web for Android has detected this vulnerability, it is strongly recommended that you contact the device manufacturer to get necessary updates for the operating system.
The vulnerability exists due to an error in the ID3v2-tag handler. In fact, it is caused by the two following flaws: one in the libutils component and another one in the libstagefright component. The first flaw exists in all versions of Android operating systems starting with 1.0; the second one, in Android operating systems starting with 5.0. Since it is a combination of these two flaws that ensures the presence of the vulnerability, only devices running Android operating systems starting with 5.0 are subject to it.
An attempt to read tags of a file that exploits the vulnerability leads to buffer overflow as follows: after the operating system allocates some buffer space, the next reading operation causes overflow. Theoretically, this allows cybercriminals to execute an arbitrary code on the infected device.
© Doctor Web
2003 — 2022
Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies
Doctor Web in social networksLink accounts