Issue #1311
closedAndroid KeyStore Stack Buffer Overflow - CVE-2014-3100
100%
Description
Replicant seems not to be affected to the vulnerability, listed here: http://redmine.replicant.us/boards/39/topics/8283?r=10425#message-10425
More details: https://securityintelligence.com/android-keystore-stack-buffer-overflow-to-keep-things-simple-buffers-are-always-larger-than-needed/
But why not adding the the "test for keystore crashing"-patch anyway?
Solution/Patches
AOSP patch: https://android.googlesource.com/platform/cts/+/cb35803
Files
Updated by My Self almost 10 years ago
- File CVE-2014-3100.zip added
I've applied the patch "Test-for-keystore-crashing-due-to-malformed-names.patch" to my local Replicant sources.
Additionally I [git add]ed this files to the following path:- tests/tests/security/src/android/security/cts/KeystoreExploitTest.java
- tests/tests/security/src/android/security/cts/Proc.java
(because of this, I provide this patch as a .zip(ped) patchset "CVE-2014-3100.zip"), which is attached.
Replicant <= 4.2 should not be affected by this vulnerability, but I would recommend to apply this CTS-"test for keystore crashing"-patch, anyway.
After merging this patch I've recompiled/reflashed Replicant 4.2 for my device without any misbehavior, and tested the functionalities for several hours, now.
@everyone: please review the patches and apply it if you like.
Updated by My Self almost 10 years ago
- File CVE-2014-3100.zip CVE-2014-3100.zip added
Updated by Paul Kocialkowski almost 10 years ago
Well, since this only impacts the CTS, it won't benefit users in any way. Since I'd like to keep the diff between Replicant and CM to a minimal, perhaps we could consider dropping this?
Updated by My Self almost 10 years ago
In consideration of the fact that Replicant (4.2) isn't vulnerable to this (CVE-2014-3100), I could live with the dropping of this (fully CTS related) patch.
Well, it was worth an offer :)
Updated by Paul Kocialkowski almost 10 years ago
- Status changed from New to Rejected
- Resolution set to invalid