Samsung has patched a critical security hole in its smartphones that can be exploited by maliciously crafted text messages to hijack devices.
It appears no user interaction is required: if Samsung’s messaging app, bundled with phones since 2015, receives a booby-trapped MMS, it will parse it automatically before the user even opens it. This can trigger a vulnerability in the Skia graphics library, used by the app to decode the message’s embedded Qmage image. The end result is code execution on the device, allowing the miscreant who sent it to potentially eavesdrop on their victim and get up to other mischief.
Today I am happy to release new research I have been working on for a while: 0-click RCE via MMS in all modern Samsung phones (released 2015+), due to numerous bugs in a little-known custom “Qmage” image codec supported by Skia on Samsung devices. Demo: https://t.co/8KRIhy4Fpk
— j00ru//vx (@j00ru) May 6, 2020
Samsung has pushed out updates to supported phones to squash the bug, which should be installed ASAP before someone weaponizes an exploit for this programming blunder. If you are still waiting for a patch, switching your default message app to another messaging application, and not Samsung’s, and disabling automatic MMS parsing, may help.
The patch coincides with Android’s monthly release of security fixes: all owners of devices running supported versions of Android will want to check for and install relevant updates in May’s patch batch.
This latest batch includes fixes for a remote code execution flaw in the Android AAC decoder (CVE-2020-0103) and a critical Android framework elevation-of-privilege bug (CVE-2020-0096) that together could be exploited to achieve total control of the device.
The other vulnerabilities at the 01 patch level are as follows. For the Android framework, two additional elevation-of-privilege bugs (CVE-2020-0097, CVE-2020-0098) that grant malware already on the device not-quite-total control over a device, and for the media framework, one EoP flaw (CVE-2020-0094) and three information disclosure bugs (CVE-2020-0093, CVE-2020-0100, CVE-2020-0101).
The Android system patches cover the aforementioned AAC remote code bug as well as four EoP (CVE-2020-0102, CVE-2020-0109, CVE-2020-0105, CVE-2020-0024) and three information disclosure (CVE-2020-0092, CVE-2020-0106, CVE-2020-0104) holes.
At the 05 level, which covers patches for components outside of the core Android package, fixes were posted for two kernel flaws allowing EoP (CVE-2020-0110) and information disclosure (CVE-2019-19536). Four fixes were posted for information disclosure bugs in MediaTek components (CVE-2020-0064, CVE-2020-0065, CVE-2020-0090, CVE-2020-0091).
A total of 18 patches were posted for flaws in Qualcomm components, though the details on those bugs were not given.
Those with supported Google-branded devices should get the May fixes directly from the Chocolate Factory, while other Android devices should see the fixes come from their respective vendors and carriers. This can happen anywhere from immediately to several weeks from now, to never, depending on the provider. ®