Android Bug can trap your phone to Endless Reboot – CVE-2015-3823

Android McAfeeResearchers from McAfee have discovered a new vulnerability that can allow an attacker to perform DoS attack on Android media-server program. When the malicious app is set to restart, this can trap the Android device in a loop making the device unusable. This can drain all the battery as well.

This affects Android 4.0.1 Jelly Bean to 5.1.1.Lollipop. As per the reports more than 89% of the Android users are impacted by this attack. As per McAfee “One can render devices silent while the other, Stagefright, can be used to install malware through a multimedia message.”

Hackers can trigger the flaw causing an Android powered device to endless Reboot, also in this case the bug resides in the ‘mediaserver’ built-in program like the Stagefright flaw.

McAfee further explains :

“To get inside the device, attackers lure Android device owners to either install a malicious app or go to a malicious site that contains a malformed media file, which ends up in one of the following:

1. Once the malformed .MKV file is introduced into mediaserver via the app, the function will fall into an endless loop beyond the user’s control. The whole system will have to slow down until the system reboots or the battery is drained.
2. If the user is lured to a malicious site with the .MKV file, the mediaserver function will also enter an endless loop and experience the same issues once the user hits “Play.”
The vulnerability is caused by an integer overflow in parsing .MKV files, which causes the device to fall into an endless loop when reading video frames. ”

http://blog.trendmicro.com/trendlabs-security-intelligence/android-mediaserver-bug-traps-phones-in-endless-reboots/

http://blog.trendmicro.com/trendlabs-security-intelligence/android-mediaserver-bug-traps-phones-in-endless-reboots/

http://blog.trendmicro.com/trendlabs-security-intelligence/android-mediaserver-bug-traps-phones-in-endless-reboots/

Share Button
Tagged with 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>