Android 7 < 9 remote code execution Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2019-07-24 | Type : remote | Platform : android


[+] Code ...

# Exploit Title: Android 7-9 - Remote Code Execution
# Date: [date]
# Exploit Author: Marcin Kozlowski
# Version: 7-9
# Tested on: Android
# CVE : 2019-2107

CVE-2019-2107 - looks scary. Still remember Stagefright and PNG bugs vulns ....
With CVE-2019-2107 the decoder/codec runs under mediacodec user and with properly "crafted" video (with tiles enabled - ps_pps->i1_tiles_enabled_flag) you can possibly do RCE. The codec affected is HVEC (a.k.a H.265 and MPEG-H Part 2)

POC:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47157.zip