Android aeration infinite reboot Vulnerability, CVE-2 0 1 5-3 8 2 3, The impact of almost 9 0% of Android users-vulnerability warning-the black bar safety net

2015-08-07T00:00:00
ID MYHACK58:62201565463
Type myhack58
Reporter 佚名
Modified 2015-08-07T00:00:00

Description

Android users are undoubtedly going through a tough week. This product of the latest vulnerabilities number of CVE-2 0 1 5-3 8 2 3, hackers can take advantage of the loudo make Android phone unlimited reboot, it sounds a bit like Stagefright vulnerability, and it stems from the media server, mediaserver built-in programming improperly. Infinite reboot Vulnerability, CVE-2 0 1 5-3 8 2 3) A few days ago, trend security the researchers found the Let the Androidoperating systemthe crash of a vulnerability, this vulnerability affects a large number of Android devices. However this hasn't finished, it didn't take long and there are independent security researchers released Stagefright vulnerability, that is, that the SMS vulnerability. About 9 5 0 0 million outstanding users can be due to a simple text message, is malicious Android application as well as the special structure of WEB pages, the hijacking. Today, security researchers are once again a force to find an Android security vulnerability, which they claim can make your Android phone without a response and infinite reboot--the bug number for CVE-2 0 1 5-3 8 2 3, hackers can use it to make Android phone unlimited reboot, it sounds a bit like Stagefright vulnerability, and it stems from the media server, mediaserver built-in programming improperly. Since nearly 9 0 percent of Android users run the system is 4. 0. 1 to 5. 1. 1 version, so unfortunately, this vulnerability lethality is very strong. The vulnerability principle A hacker can through the two ways to make your phone unlimited reboot: 1. By malicious Android app 2. By the special structure of the website An attacker can lure victims with the Android Media Server plug-in to open the malformed media file. MKV, this will cause the media server function into the loop, until the Android device is unresponsive and restart, and finally fall into an infinite loop. Trends secure mobile Threat Response engineer Wish Wu from Monday in the blog wrote: “The vulnerability is by the media server to resolve the MKV Media Audio and video files appear in an integer overflow caused by the device in the Read video frame when an error occurs, and then fall into an infinite loop.” Safety recommendations The Google company has already received the vulnerability report, but just think of it as a low-risk vulnerability. In Google official the vulnerability before the patch, if you have been caught, what should you do? Pressing the power key does not let go until you see the pop-up and in Safe Mode restart. Since Safe Mode disables all third party applications and information, you can release a patch before continue to use your Android device.