ID ANDROID:CVE-2015-3823 Type android Reporter androidvulnerabilities.org Modified 2019-07-29T00:00:00
Description
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.
{"id": "ANDROID:CVE-2015-3823", "bulletinFamily": "software", "title": "CVE-2015-3823", "description": "libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.", "published": "2015-10-01T00:00:00", "modified": "2019-07-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2015-3823.html", "reporter": "androidvulnerabilities.org", "references": ["https://nvd.nist.gov/vuln/data-feeds", "https://source.android.com/security/bulletin/2015-10-01.html", "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/407d475b797fdc595299d67151230dc6e3835ccd"], "cvelist": ["CVE-2015-3823"], "type": "android", "lastseen": "2020-12-24T13:21:09", "edition": 2, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-3823"]}, {"type": "thn", "idList": ["THN:BBBB69A4A060DD4156D3E8E277C66F3C"]}], "modified": "2020-12-24T13:21:09", "rev": 2}, "score": {"value": 6.9, "vector": "NONE", "modified": "2020-12-24T13:21:09", "rev": 2}, "vulnersScore": 6.9}, "affectedSoftware": [{"name": "android", "operator": "le", "version": "5.1"}], "scheme": null}
{"cve": [{"lastseen": "2020-12-09T20:03:03", "description": "libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.", "edition": 5, "cvss3": {}, "published": "2015-10-06T17:59:00", "title": "CVE-2015-3823", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3823"], "modified": "2015-10-07T14:28:00", "cpe": ["cpe:/o:google:android:5.1"], "id": "CVE-2015-3823", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3823", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*"]}], "thn": [{"lastseen": "2018-01-27T09:18:04", "bulletinFamily": "info", "cvelist": ["CVE-2015-3823"], "description": "[](<https://2.bp.blogspot.com/-AM7OCNbJzeU/VcHL_B1uMRI/AAAAAAAAj2w/Sj7C-pROUzY/s1600/android-reboot-vulnerability.png>)\n\nPoor Android users are facing a terrible, horrible, and awful week.\n\n \n\n\nFew days ago, Trend Micro security researchers uncovered a [Android](<https://thehackernews.com/2015/07/android-vulnerability-crash.html>)[ crashing vulnerability](<https://thehackernews.com/2015/07/android-vulnerability-crash.html>) in the widely used mobile operating system, impacting the majority of Android devices in use.\n\n \n\n\nThe report follows another significant [Stagefright vulnerability](<https://thehackernews.com/2015/07/how-to-hack-android-phone.html>) that was revealed by separate researchers, who warned that nearly [950 Million Android phones](<https://thehackernews.com/2015/07/android-phone-hacking.html>) can be hijacked by sending a simple text message or via malicious Android app or specially crafted web pages.\n\n \n\n\n### EXPLOIT TO TRAP ANDROID DEVICES IN ENDLESS REBOOTS\n\n \n\n\nNow, the security researchers have discovered a dangerous security bug in the Android operating system that they claim can \"brick\" your phone, making it unresponsive and completely useless.\n\n \n\n\nThe new vulnerability,_ CVE-2015-3823_, can be exploited by potential hackers to cause your Android device to endless Reboot, and is similar to the Stagefright bug in that the flaw exists in the \u2018mediaserver\u2019 built-in program.\n\n \n\n\nThe vulnerability affects even more Android users. Nearly _90 percent of Android devices_ running **_versions 4.0.1 Jelly Bean to 5.1.1 Lollipop are vulnerable_** to the latest security flaw, affecting every 9 out of 10 Active Android devices.\n\n \n\n\n### HOW ANDROID EXPLOIT WORKS?\n\n \n\n\nA Hacker can trigger endless reboots in two ways:\n\n * Through a Malicious Android App\n * Through a Specially-Crafted Web Site\n \n\n\nIn either case, the attacker lure victims to play malformed media file (.MKV file) using the buggy \u2018mediaserver\u2019 plugin. This will cause the mediaserver function to fall into an endless loop beyond the user\u2019s control, forcing the Android device to get slow down until it reboots\u2026 again and again.\n\n> \"_The vulnerability is caused by an integer overflow in parsing MKV files_,\" mobile threat response engineer Wish Wu of Trend Micro wrote in a Monday [blog post](<http://blog.trendmicro.com/trendlabs-security-intelligence/android-mediaserver-bug-traps-phones-in-endless-reboots/>). This \"_causes the device to fall into an endless loop when reading video frames._\"\n\n \n\n\n### SMALL QUIRK TO GET RID OF THIS FLAW\n\n \n\n\nThe firm reported the issue to Google, but the company is not taking it seriously, classifying it as a low-level vulnerability.\n\n \n\n\nUntil the official patch is delivered by Google, you can do a simple quirk if this bug hit your devices. All you need to do is reboot your devices in Safe Mode by holding the power button down and pressing Power Off option until you see the pop-up box asking you to restart in Safe Mode.\n\n \n\n\nSafe Mode will disable all third-party apps and information, allowing you to continue using your Android devices until a patch is released.\n", "modified": "2015-08-05T20:12:29", "published": "2015-08-04T21:51:00", "id": "THN:BBBB69A4A060DD4156D3E8E277C66F3C", "href": "https://thehackernews.com/2015/08/android-endless-reboot-bug.html", "type": "thn", "title": "Android Vulnerability Traps Devices in 'Endless Reboot Loop'", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
