CVE-2017-18655
Description
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 (August 2017).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack-based buffer overflow in a Samsung trustlet on M(6.0) and N(7.x) devices causes memory corruption, leading to arbitrary code execution in the trustlet context.
Vulnerability
The vulnerability, tracked as CVE-2017-18655, is a stack-based buffer overflow in a trustlet on Samsung mobile devices running Android M (6.0) and N (7.x). The overflow results in memory corruption. This issue was addressed in Samsung's August 2017 security update (Samsung IDs SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892). [1]
Exploitation
An attacker with local access to the device could potentially exploit this vulnerability. The exact attack vector and required privileges are not fully disclosed in the available references, but a stack-based buffer overflow in a trustlet suggests the attacker could send crafted input to the trustlet component, leading to a buffer overflow and memory corruption. [1]
Impact
Successful exploitation could result in memory corruption and potentially arbitrary code execution within the trustlet context. A trustlet is a trusted application running in ARM TrustZone, meaning compromise could allow the attacker to gain elevated privileges or access sensitive data protected by the trusted execution environment (TEE). [1]
Mitigation
Samsung released security updates in August 2017 to fix this vulnerability. Users should ensure their devices are running the latest Android security patch level. There is no known workaround besides applying the patch. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Samsung/mobile devices
- Range: M(6.0) and N(7.x)
Patches
No patches discovered yet.
References
- [1] security.samsungmobile.com/securityUpdate.smsb (mitre, x_refsource_CONFIRM)