Some bad news for Android users, A security weakness in Android mobile operating system versions below 5.0 has been noticed. It puts potentially every Android device at risk for privilege escalation attacks. It has been patched in Android 5.0 Lollipop – the latest version of the mobile operating system.
This vulnerability has been discovered by a security researcher named Jann Horn.
This could allow any potential attacker to bypass the Address Space Layout Randomization (ASLR) defense and execute arbitrary code of their choice on a target device under certain circumstances. ASLR is a technique involved in protection from buffer overflow attacks.
The flaw resides in java.io.ObjectInputStream, which fails to check whether an Object that is being deserialized is actually a serializable object. The vulnerability was reported by the researcher to Google security team earlier this year.
Jann confirms ""When ObjectInputStream is used on untrusted inputs, an attacker can cause an instance of any class with a non-private parameterless constructor to be created," the security advisory from Horn says. "All fields of that instance can be set to arbitrary values." on his blog on Reditt.
Researcher has also developed a POC showing the creash of System_Service. As of now, in order to exploit this vulnerability, one need to get a malicious app installed onto the target device.
This vulerability has been patched with the release of recent Android release - 'Lolipop'.