Android 7 < 9 - Remote Code Execution

  • Author: Marcin Kozlowski
    Date: 2019-07-24
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/47157/
  • # Exploit Title: Android 7-9 - Remote Code Execution
    # Date: [date]
    # Exploit Author: Marcin Kozlowski
    # Version: 7-9
    # Tested on: Android
    # CVE : 2019-2107
    
    CVE-2019-2107 - looks scary. Still remember the Stagefright and PNG vulns ....
    With CVE-2019-2107 the decoder/codec runs under the mediacodec user, and with a properly "crafted" video (with tiles enabled - ps_pps->i1_tiles_enabled_flag) you can possibly do RCE. The codec affected is HEVC (a.k.a. H.265 and MPEG-H Part 2).
    
    POC:
    https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47157.zip
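
For triage on the defender's side, the tiles flag named above can be read straight out of a stream's picture parameter sets. The following is an added example, not part of the original PoC or the author's code: it assumes a raw HEVC Annex B byte stream (an MP4 would have to be demuxed first), and the names `BitReader`, `pps_tiles_enabled`, `scan_annexb` and `SAMPLE` are hypothetical. Tiles are a legitimate HEVC feature, so a `True` result only marks a file for closer inspection.

```python
# Added example (not from the original PoC): report tiles_enabled_flag per HEVC PPS.
PPS_NAL_TYPE = 34  # nal_unit_type of a picture parameter set in H.265

class BitReader:
    def __init__(self, data):
        self.data, self.pos = data, 0

    def u(self, n):  # n bits, MSB first; IndexError if the data is truncated
        val = 0
        for _ in range(n):
            bit = (self.data[self.pos >> 3] >> (7 - (self.pos & 7))) & 1
            val, self.pos = (val << 1) | bit, self.pos + 1
        return val

    def ue(self):  # Exp-Golomb ue(v); se(v) has the same length, so this skips it too
        zeros = 0
        while self.u(1) == 0:
            zeros += 1
            if zeros > 32:
                raise ValueError("malformed Exp-Golomb code")
        return (1 << zeros) - 1 + self.u(zeros)

def pps_tiles_enabled(rbsp):
    """Walk the PPS fields (H.265 clause 7.3.2.3) up to tiles_enabled_flag."""
    r = BitReader(rbsp)
    r.ue(); r.ue()          # pps_pic_parameter_set_id, pps_seq_parameter_set_id
    r.u(7)                  # dependent_slice, output_flag, extra_bits(3), sign_hiding, cabac_init
    r.ue(); r.ue(); r.ue()  # num_ref_idx_l0/l1_default_active_minus1, init_qp_minus26
    r.u(2)                  # constrained_intra_pred_flag, transform_skip_enabled_flag
    if r.u(1):              # cu_qp_delta_enabled_flag
        r.ue()              # diff_cu_qp_delta_depth
    r.ue(); r.ue()          # pps_cb_qp_offset, pps_cr_qp_offset
    r.u(4)                  # chroma_qp_offsets_present, weighted_pred, weighted_bipred, transquant_bypass
    return bool(r.u(1))     # tiles_enabled_flag

def scan_annexb(stream):
    """Return tiles_enabled_flag (None if unparsable) for each PPS NAL unit."""
    results = []
    for nal in stream.split(b"\x00\x00\x01")[1:]:
        if len(nal) < 3 or (nal[0] >> 1) & 0x3F != PPS_NAL_TYPE:
            continue
        rbsp = nal[2:].replace(b"\x00\x00\x03", b"\x00\x00")  # drop emulation prevention
        try:
            results.append(pps_tiles_enabled(rbsp))
        except (IndexError, ValueError):
            results.append(None)
    return results

# Constructed sample: a VPS stub, a PPS with tiles on, a PPS with tiles off.
SAMPLE = bytes.fromhex("0000000140010c 0000014401c0718480 0000014401c0718080")
```

`scan_annexb(SAMPLE)` returns one entry per PPS, in stream order; a `None` entry means the PPS was truncated or malformed before the flag could be read.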