CVE-2017-0608

Vulnerability

An elevation of privilege vulnerability exists in the Qualcomm sound driver used in Android. The issue resides in the kernel component and affects devices running kernel versions 3.10 and 3.18 [1]. The vulnerability can be exploited by a local malicious application that first compromises a privileged process in order to trigger the flaw and execute arbitrary code within the kernel context [1].

Exploitation

Exploitation requires an attacker to first compromise a privileged process on the device. Once that initial compromise is achieved, a local malicious application can leverage the sound driver flaw to escalate privileges further. The exact sequence of steps is not publicly detailed, but the attack path involves using the compromised privileged process to interact with the vulnerable sound driver and trigger the kernel-level code execution [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code within the context of the kernel, resulting in a full compromise of the device's operating system. This gives the attacker the highest level of privilege, enabling them to bypass security mechanisms, access sensitive data, and perform any action available to the kernel [1].

Mitigation

Google released a fix as part of the May 2017 Android Security Bulletin. The update is included in the Android security patch level of 2017-05-01. Devices that have installed this patch level are protected. There is no mention of a workaround, and users should apply the official update as soon as possible [1].