One malicious MMS is all it takes to pwn a Samsung smartphone: Bug squashed amid Android patch batch
2020-05-08 23:42

Today I'm happy to release new research I've been working on for a while: 0-click RCE via MMS in all modern Samsung phones, due to numerous bugs in a little-known custom "Qmage" image codec supported by Skia on Samsung devices.

The patch coincides with Android's monthly release of security fixes: all owners of devices running supported versions of Android will want to check for and install relevant updates in May's patch batch.

This latest wedge includes fixes for a remote code execution flaw in the Android AAC decoder and a critical Android framework elevation-of-privilege bug that together can be exploited to gain total control of the device.

For the Android framework, there are two additional elevation-of-privilege bugs that grant malware already on the device not-quite-total control over it, and for the media framework, one EoP flaw and three information disclosure bugs.

The Android system patches cover the aforementioned AAC remote code bug as well as four EoP and three information disclosure bugs.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/08/samsung_android_patches/

Related vendor

VENDOR    # PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Samsung   1725         182   413      285    88         968
Android   4            0     17       2      0          19