Overview

Description

Code:

1. CVE-2015-1538, P0006, Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution
2. CVE-2015-1538, P0004, Google Stagefright ‘ctts’ MP4 Atom Integer Overflow Remote Code Execution
3. CVE-2015-1538, P0004, Google Stagefright ‘stts’ MP4 Atom Integer Overflow Remote Code Execution
4. CVE-2015-1538, P0004, Google Stagefright ‘stss’ MP4 Atom Integer Overflow Remote Code Execution
5. CVE-2015-1539, P0007, Google Stagefright ‘esds’ MP4 Atom Integer Underflow Remote Code Execution
6. CVE-2015-3827, P0008, Google Stagefright ‘covr’ MP4 Atom Integer Underflow Remote Code Execution
7. CVE-2015-3826, P0009, Google Stagefright 3GPP Metadata Buffer Overread
8. CVE-2015-3828, P0010, Google Stagefright 3GPP Integer Underflow Remote Code Execution
9. CVE-2015-3824, P0011, Google Stagefright ‘tx3g’ MP4 Atom Integer Overflow Remote Code Execution
10. CVE-2015-3829, P0012, Google Stagefright ‘covr’ MP4 Atom Integer Overflow Remote Code Execution

Impact

Solution

Apply an update

Flash attached fix

PLEASE MAKE A BACKUP before flashing.

Device Compatibility:

This fix has been tested successfully on (Snapdragon, ARM)

Note 3,

Note 4,

S5, Snapdragon

S6 Port only

Note Edge devices.



Seems no luck for the following devices:

S5 - 900H Exynos

S6.



S4, I9505 see here

Vulnerable

Vulnerable (stagefright detector app shows vulnerability issue after update)

Patch Fix for CVE-2015-3864

Patch Fix for CVE-2015-6602

Stagefright is the media playback service for Android, introduced in Android 2.2 (Froyo). Stagefright in versions of Android prior to 5.1.1_r9 may contain multiple vulnerabilities, including several integer overflows, which may allow a remote attacker to execute code on the device.

According to a Zimperium zLabs blog post, Android's Stagefright engine contains multiple vulnerabilities, including several integer overflows, allowing a remote attacker to access files or possibly execute code on the device. This vulnerability may at least partially affect all versions of Android starting from 2.2 (Froyo) and prior to 5.1.1_r9 (Lollipop).

An attacker with a victim's cell phone number may send maliciously crafted multimedia messages (MMS) which may be improperly parsed by the Stagefright tool. Other attack vectors may be possible.

According to Ars Technica, "successful exploits at the very least provide direct access to a phone's audio and camera feeds and to the external storage ... many older phones grant elevated system privileges to Stagefright code, a design that could allow attackers access to many more device resources."

Zimperium has released more information on these vulnerabilities, including proof-of-concept code, patches, a video demoing the exploit and an Android app that detects the vulnerability. The vulnerabilities include those listed under "Code" above.

Since integer overflow is a type of memory error, Address Space Layout Randomization (ASLR) appears to partially mitigate this issue; Forbes reports that versions of Android before 4.1 (Jelly Bean) have "inadequate exploit mitigations." ASLR was introduced in Android 4.0 and fully enabled in Android 4.1.

A remote attacker may be able to execute code on the Android device.

The latest fix works only on Note 3 Snapdragon running Lollipop.

You can now test whether your device is vulnerable using either of these apps: Stagefright Detector App or Stagefright Detector.

Source: Zimperium. Thanks to @cantenna for finding the proper libs for the CVE-2015-6602 patch.
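The list above names integer overflows in MP4 table atoms such as 'stsc'. A common form of that bug class is a 32-bit count-times-size computation that wraps; the C code below is an added illustration (not libstagefright's code and not from the original post) that shows the wrap next to an overflow-safe bounds check. The function names, the header layout, the 12-byte entry size and the sample payloads are assumptions constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample payloads (not from a real file). Assumed layout:
 * 4 bytes version/flags, 4 bytes big-endian entry_count, then entries. */
const uint8_t SAMPLE_OK[32]  = {0, 0, 0, 0, 0, 0, 0, 2};   /* 2 x 12 bytes follow */
const uint8_t SAMPLE_HUGE[8] = {0, 0, 0, 0, 0x15, 0x55, 0x55, 0x56};

/* MP4 atom fields are stored big-endian. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Unchecked pattern: the 32-bit product wraps modulo 2^32, so a huge
 * entry_count produces a small buffer size. */
uint32_t unchecked_table_bytes(uint32_t entry_count, uint32_t entry_size) {
    return entry_count * entry_size;
}

/* Hardened pattern: returns the table size in bytes, or -1 when the
 * declared count cannot fit in the bytes actually present. */
int64_t checked_table_bytes(const uint8_t *payload, size_t len,
                            uint32_t entry_size) {
    if (payload == NULL || entry_size == 0 || len < 8)
        return -1;                        /* missing or truncated header */
    uint32_t entry_count = be32(payload + 4);
    size_t avail = len - 8;               /* bytes after the header */
    if (entry_count > avail / entry_size) /* division cannot overflow */
        return -1;
    return (int64_t)entry_count * entry_size;
}

int main(void) {
    printf("unchecked size for count 0x15555556: %u\n",
           (unsigned)unchecked_table_bytes(0x15555556u, 12));
    printf("checked, valid atom: %lld\n",
           (long long)checked_table_bytes(SAMPLE_OK, sizeof SAMPLE_OK, 12));
    printf("checked, huge count: %lld\n",
           (long long)checked_table_bytes(SAMPLE_HUGE, sizeof SAMPLE_HUGE, 12));
    return 0;
}
```

Comparing the declared count against `avail / entry_size` rejects the oversized count before any multiplication or allocation takes place.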