Hi all,
Today I'm pleased to announce a fix for stagefright's security flaws, which doesn't require disabling stagefright, and doesn't require stagefright sources either.
The sources, including a detailed README, are available at:
https://github.com/archos-sa/securit...DROID-20139950
The purpose of this contribution is to propose a systematic approach able to quickly re-generate firmwares that address the 2015 libstagefright CVEs by relying on a binary patching method.
This method is relevant when dealing with platforms for which the source code has not been released publicly.
This proposed process is illustrated with the 2015 libstagefright CVEs but can be further extended to capture other upcoming security fixes.
Surprisingly, these fixes do not pass the Zimperium vulnerability test apk, because this apk directly checks libstagefright.so without going through Mediaserver.
Obviously this is not intended for Cyanogenmod-type ROMs that most likely already implement proper fixes in their source code.
Included in the git tree are some prebuilt files, targeting AOSP 4.2, 4.4, and MTK baseline 4.2 and 4.4.
This has been tested on Nexus 4 4.4 (aosp4.4 prebuilt), a Spreadtrum 4.4 device (aosp4.4 prebuilt), and several MTK 4.2 and 4.4 devices (mtk4.2 and mtk4.4 prebuilts). I believe it should work as-is on Qualcomm-baseline 4.4 as well (aosp4.4 prebuilt).