This CHT Posted November 4, 2022 Share Posted November 4, 2022 # Exploit Title: Android 7-9 - Remote Code Execution # Date: [date] # Exploit Author: Marcin Kozlowski # Version: 7-9 # Tested on: Android # CVE : 2019-2107 CVE-2019-2107 - looks scary. Still remember Stagefright and PNG bugs vulns .... With CVE-2019-2107 the decoder/codec runs under mediacodec user and with properly "crafted" video (with tiles enabled - ps_pps->i1_tiles_enabled_flag) you can possibly do RCE. The codec affected is HVEC (a.k.a H.265 and MPEG-H Part 2) POC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47157.zip Link to post Link to comment Share on other sites More sharing options...
Recommended Posts