Samsung Patches Android Vulnerabilities
Friday, January 29, 2016 @ 06:01 PM gHale
Samsung updated its major Android flagship Galaxy models to resolve 16 vulnerabilities.
The updates, available as part of the company’s monthly Security Maintenance Release (SMR) process, include patches released by Google up to its January Android Security Bulletin.
Another portion of the release also includes several Samsung Vulnerabilities and Exposures (SVE) items.
Samsung’s January 2016 SMR includes a patch for a remote code execution (RCE) vulnerability in Android Mediaserver rated as critical. During the media file and data processing of a specially crafted file, an attacker could exploit the flaw to cause memory corruption and remote code execution.
The vulnerability appears similar to the “Stagefright” vulnerability disclosed in July 2015, which affected nearly one billion Android devices. Google’s initial patch did not properly address the mediaserver service flaw.
Another Critical flaw addressed in the updates is a vulnerability in Skia that allows remote attackers to execute arbitrary code or cause a denial of service via a crafted media file. The vulnerability ended up fixed by Google in the December 2015 bulletin, and Samsung included it in its December SMR too.
This month, Samsung Android devices also received fixes for a series of Android flaws which rated the medium risk level.
Of the 7 SVE items included in Samsung’s January 2016 SMR, three rated critical and could result in arbitrary code execution, memory corruption, or FRP/RL bypass. The first could end up triggered when a malformed BMP image ends up scanned by a facial recognition library, the second is a flaw in ‘libQjpeg.so’ and can come from a malformed JPEG file, while the third is a bug in download mode that can reset the FRP/RL partition by using ‘Odin’ protocol, according to the release.
Samsung also patched a vulnerability resulting from a combination of unprivileged local apps being able to access some providers and an SQL injection (SQLi) flaw, which allowed applications to access all messages from SecEmail. The update also resolves a memory corruption issue rated medium, along with a low rated problem that could cause crashes when malicious service commands ended up called.