A vulnerability in the Android mobile operating system can be exploited to cause devices to become inoperable, said researchers.
According to experts, the vulnerability affects versions of Android starting with 4.3 Jelly Bean and up to 5.1.1 Lollipop. Roughly half of Android devices are running impacted version of the operating system.
The issue is an integer overflow bug in Android’s “mediaserver” service. The vulnerability is triggered when the service processes a malformed video file using the Matroska container.The vulnerability is caused by an integer overflow when the mediaserver service parses an MKV file. It reads memory out of buffer or writes data to NULL address when parsing audio data.An attacker can leverage the flaw to cause a smartphone to become silent and inoperable. This includes no ringtone and notification sounds, and unresponsive user interface.An attacker can even exploit the denial-of-service (DoS) vulnerability remotely by getting the victim to install a malicious app or visit a specially crafted website. Exploiting the flaw through a malicious app that contains an embedded MKV file allows the attacker to make the smartphone unresponsive for an extended period of time by ensuring that the application is launched whenever the device boots.
A proof-of-concept (PoC) application developed by Trend Micro causes the mediaserver service to continuously restart once the exploit is triggered. The attack has also been demonstrated with a web-based PoC that causes the phone to crash when it’s accessed through the Chrome web browser.The researcher believes that further analysis of the mediaserver service might reveal more serious vulnerabilities, including flaws that can be exploited for remote code execution.