pub

Preliminary VuNote

Author:     <github.com/tintinweb>
Ref:        https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-13208
Version:    0.1
Date:       Oct 05th, 2017

Tag:        android platform system core libnetutils dhcp parser buffer overwrite

Overview

Name:           android.platform.system.core.libnetutils
Vendor:         google
References:     * https://android.googlesource.com/platform/system/core/+/master/libnetutils [1]
                * https://source.android.com/security/bulletin/2018-01-01 [2]

Version:        7cdc0a3edc816cf81cecab35b85bd55bea7b5015
Latest Version: 7cdc0a3edc816cf81cecab35b85bd55bea7b5015 (master)
Other Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 [5]
Platform(s):    cross
Technology:     c

Vuln Classes:   CWE-121, CWE-122
Origin:         remote
Min. Privs.:    none

CVE:            CVE-2017-13208
Android-BUGId:  A-67474440 [3]

Description

quote Android Open Source Project (AOSP) [4]

Android is an open source software stack for a wide range of mobile devices and a corresponding open source project led by Google. This site and the Android Open Source Project (AOSP) repository offer the information and source code you need to create custom variants of the Android stack, port devices and accessories to the Android platform, and ensure your devices meet compatibility requirements.

Summary

quote cve.mitre.org [5]

In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440.

Details

Android Security Bulletin [2]: RCE | Critical | 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1

Android Issue Tracker [3]: A-67470944

TBD

Patch

see [6]

Notes

TBD

References

[1] https://android.googlesource.com/platform/system/core/+/master/libnetutils
[2] https://source.android.com/security/bulletin/2018-01-01
[3] https://issuetracker.google.com/issues/67470944
[4] https://source.android.com/
[5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13208
[6] https://android.googlesource.com/platform/system/core/+/b71335264a7c3629f80b7bf1f87375c75c42d868

Contact

https://github.com/tintinweb

This site is open source. Improve this page.