Researchers at Trend Micro’s Zero Day Initiative (ZDI) disclosed a zero-day privilege escalation vulnerability in the Android operating system that allows attackers who already have low-level access to an affected device to further increase their privileges. The vulnerability is in the V4L2 driver, which captures live video. “The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this to escalate privileges in the context of the kernel.”
Security experts say that an application or code that has gained access to the V4L subsystem can exploit the vulnerability to escalate privileges. The researchers who discovered the vulnerability said they notified Google in March, and Google confirmed that the vulnerability would be fixed in June, but by August Google said there were no further updates. The vulnerability has not been fixed so far.
“Given the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the service,” ZDI researchers wrote in Tuesday’s post. “Only the clients and servers that have a legitimate procedural relationship with the service should be permitted to communicate with it.”