
LG liblg_parser_mkv.so Bad Allocation Calls

Posted by deepcore on May 10, 2017 – 10:05 am

During EBML node parsing, the EBML element_size is used without validation to allocate a stack buffer that stores the element contents. Because a call to alloca simply compiles to a subtraction from the current stack pointer, a large size can result in memory corruption and potential remote code execution in the mediaserver process. Tested on an LG-G4 with firmware MRA58K.
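
The missing check, as an added example that is not code from liblg_parser_mkv.so or from the original post: the declared element size is decoded, compared against the bytes actually remaining in the input and against a fixed cap, and only then used for a heap allocation instead of alloca. The function names, the MAX_ELEMENT_COPY cap and the buffer layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_ELEMENT_COPY (1u << 20) /* assumed policy cap: 1 MiB per buffered element */

/* Decode an EBML variable-length size field. Returns bytes consumed, 0 on error. */
static size_t ebml_read_size(const uint8_t *p, size_t avail, uint64_t *out)
{
    if (avail == 0 || p[0] == 0)
        return 0;                       /* empty input, or width would exceed 8 bytes */
    size_t width = 1;
    uint8_t mask = 0x80;
    while (!(p[0] & mask)) { mask >>= 1; width++; }
    if (width > avail)
        return 0;                       /* the size field itself is truncated */
    uint64_t v = p[0] & (uint8_t)(mask - 1);  /* strip the length marker bit */
    for (size_t i = 1; i < width; i++)
        v = (v << 8) | p[i];
    *out = v;
    return width;
}

/* Hypothetical hardened replacement for the pattern
 *     buf = alloca(element_size); memcpy(buf, data, element_size);
 * Copies the payload whose size field starts at `off` into a heap buffer.
 * Returns NULL if the declared size is not backed by input or exceeds the cap.
 * The reserved all-ones "unknown size" encoding is not special-cased here. */
static uint8_t *ebml_copy_payload(const uint8_t *data, size_t len, size_t off,
                                  size_t *payload_len)
{
    uint64_t element_size;
    if (off > len)
        return NULL;
    size_t n = ebml_read_size(data + off, len - off, &element_size);
    if (n == 0)
        return NULL;
    size_t remaining = len - off - n;
    if (element_size > remaining || element_size > MAX_ELEMENT_COPY)
        return NULL;                    /* untrusted size rejected before any allocation */
    uint8_t *buf = malloc(element_size ? (size_t)element_size : 1);
    if (buf == NULL)
        return NULL;
    memcpy(buf, data + off + n, (size_t)element_size);
    *payload_len = (size_t)element_size;
    return buf;
}
```

The caller owns the returned buffer and must free it; a NULL return means the element should be skipped or the file rejected.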

