CVE-2017-13284: Injection in configuration file

Hey! The Android Security Bulletin for April is now released and I am authorized to talk about my last (and first \o/) CVE, which I found in the bluedroid Android subsystem. The vulnerability CVE-2017-13284 affects all versions from 6.0 and is rated as Critical. It is described as follows: In config_set_string of config.cc, it is possible to pair a second BT…

BlueBorne exploitation on Nexus 4

Introduction: In September 2017, Armis security researchers published a whitepaper named “BlueBorne” which reveals several vulnerabilities in different Bluetooth stack implementations. All major stacks are impacted, and for the Android system (Bluedroid), three vulnerabilities have been discovered: CVE-2017-0785 (memory leak), and CVE-2017-0781 and CVE-2017-0782 (buffer overflow which can lead to remote execution). To demonstrate the vulnerability, Armis team…