After the disclosure of a denial of service (DoS) vulnerability impacting the
majority of Android devices in use, security researchers have discovered another
denial of service flaw that affects even more users. The vulnerability can be
exploited by an attacker to cause a device to reboot, and, like the previously
identified bug, it exists in the mediaserver program. In a more severe case,
where a malicious app that triggers the flaw is set to auto-start, the device
can be trapped in an endless reboot loop and rendered unusable. The
vulnerability can also drain the device's battery. An attacker can exploit the
bug (CVE-2015-3823), which is caused by an integer overflow in the parsing of
.MKV files, either through a malicious app installed on the affected device or
by luring a user to a specially crafted website containing a malformed media
file. The vulnerability affects Android versions 4.0.1 to 5.1.1, which indicates
that about 89 percent of devices in use today are affected.
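The advisory names the root cause only as an integer overflow while parsing .MKV files. The following is an added illustrative example, not code from this advisory and not Android's mediaserver or libstagefright source, and it does not claim to reproduce the exact CVE-2015-3823 defect. It walks the top-level elements of an EBML container (the format .MKV files use: each element is a variable-length-integer ID, a variable-length-integer size, then `size` bytes of payload) in two ways. The unchecked walker keeps a 32-bit offset and adds the file-supplied size to it without validation, so a crafted size wraps the offset back to an earlier element and the loop never ends, which is one way a parser flaw in a system service becomes a denial of service. The checked walker rejects any size that does not fit in the remaining input. The function names, the `MAX_STEPS` cap and the two sample buffers are constructed for this example.

```c
/* Illustrative EBML (.MKV container) element walker, added as an example.
 * Not Android mediaserver/libstagefright code; not the exact CVE-2015-3823 bug. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Decode an EBML variable-length integer (vint) at p. The number of leading
 * zero bits in the first byte plus one is the total length in bytes; the
 * marker bit is dropped and the remaining bits are big-endian.
 * Returns bytes consumed, or 0 if the vint is malformed or truncated. */
static size_t ebml_read_vint(const uint8_t *p, size_t avail, uint64_t *out) {
    if (avail == 0) return 0;
    size_t len = 1;
    uint8_t mask = 0x80;
    while (mask && !(p[0] & mask)) { mask >>= 1; len++; }
    if (mask == 0 || len > avail) return 0;      /* first byte 0x00 is invalid */
    uint64_t v = p[0] & (uint8_t)(mask - 1);
    for (size_t i = 1; i < len; i++) v = (v << 8) | p[i];
    *out = v;
    return len;
}

#define MAX_STEPS 1000  /* stand-in for "forever": the unchecked walker hits it */

/* Vulnerable pattern: 32-bit offset, attacker-controlled size added with no
 * range check. Returns elements visited before running out of input, or
 * MAX_STEPS if the walk never reached the end of the buffer. */
int walk_unchecked(const uint8_t *buf, size_t len) {
    uint32_t pos = 0;
    int steps = 0;
    while (pos < len && steps < MAX_STEPS) {
        uint64_t id, size;
        size_t n = ebml_read_vint(buf + pos, len - pos, &id);
        if (!n) break;
        size_t m = ebml_read_vint(buf + pos + n, len - pos - n, &size);
        if (!m) break;
        pos = (uint32_t)(pos + n + m + size);  /* truncates: can wrap backwards */
        steps++;
    }
    return steps;
}

/* Hardened: every advance is checked against the remaining input before it
 * happens, so a hostile size is rejected instead of wrapping the offset.
 * Returns the element count, or -1 if the input is malformed. */
int walk_checked(const uint8_t *buf, size_t len) {
    size_t pos = 0;
    int steps = 0;
    while (pos < len) {
        uint64_t id, size;
        size_t n = ebml_read_vint(buf + pos, len - pos, &id);
        if (!n) return -1;
        size_t m = ebml_read_vint(buf + pos + n, len - pos - n, &size);
        if (!m) return -1;
        size_t hdr = n + m;
        size_t remaining = len - pos - hdr;   /* bytes left after the header */
        if (size > remaining) return -1;      /* payload cannot fit: reject */
        pos += hdr + (size_t)size;            /* bounded by len, cannot wrap */
        steps++;
    }
    return steps;
}

/* Constructed sample input. Element 1: ID 0xA3, 1-byte size vint 0x83 (=3),
 * 3 payload bytes. Element 2 at offset 5: ID 0xA3, 8-byte size vint encoding
 * 0xFFFFFFF2, chosen so that 5 + 1 + 8 + 0xFFFFFFF2 == 2^32, i.e. the 32-bit
 * offset wraps to 0 and the unchecked walker restarts from the first element. */
const uint8_t kCrafted[] = {
    0xA3, 0x83, 0x01, 0x02, 0x03,
    0xA3, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xF2
};
const size_t kCraftedLen = sizeof kCrafted;

/* Constructed benign input: just the first element above. */
const uint8_t kBenign[] = { 0xA3, 0x83, 0x01, 0x02, 0x03 };
const size_t kBenignLen = sizeof kBenign;

int main(void) {
    printf("benign:  unchecked=%d checked=%d\n",
           walk_unchecked(kBenign, kBenignLen), walk_checked(kBenign, kBenignLen));
    printf("crafted: unchecked=%d (hit MAX_STEPS=%d) checked=%d\n",
           walk_unchecked(kCrafted, kCraftedLen), MAX_STEPS,
           walk_checked(kCrafted, kCraftedLen));
    return 0;
}
```

The important line in the hardened walker is the comparison of `size` against `remaining` before the offset is advanced: the check is done in the width of the input length, on values that are already known to be in range, so the addition itself can never overflow. Checking after the addition, or comparing a truncated value, would leave the same hole the unchecked walker has.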
The information provided herein is on an "as is" basis, without
warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street