FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Stagefright vulnerability (CVE-2015-6603) exists in lib_mp4_parser_arm11_elinux.3.0.so for M6.0.1

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Stagefright vulnerability (CVE-2015-6603) exists in lib_mp4_parser_arm11_elinux.3.0.so for M6.0.1

‎05-24-2017 08:11 PM
706 Views
stonehsu
Contributor II

Dear all,

The latest CTS release for Marshmallow (Android 6.0 R18 CTS) has add a new security test for stagefright:

class : android.security.cts.StagefrightTest

test : testStagefright_cve_2015_6603

Our platform is based on the i.mx6QuadPlus SabreSD reference platform with Marshmallow M6.0.1_2.0.0.

I'm attaching the test report and the device logcat.

We also run this CTS test on the reference platform with demo image (M6.0.1_2.1.0) and get the same failure.

The Nexus 9 can pass this CTS test normally.

We trying to figure out what caused this failure. According to the device logcat, the failure relates to the lib_mp4_parser_arm11_elinux.3.0.so.

01-01 00:13:18.729 1870 2272 F libc : Fatal signal 11 (SIGSEGV), code 1, fault addr 0xb3f80000 in tid 2272 (generic)
01-01 00:13:18.839 234 234 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
01-01 00:13:18.839 234 234 F DEBUG : Build fingerprint: 'Freescale/sabresd_6dq/sabresd_6dq:6.0.1/2.0.0-ga-rc5/20160613:user/release-keys'
01-01 00:13:18.839 234 234 F DEBUG : Revision: '0'
01-01 00:13:18.839 234 234 F DEBUG : ABI: 'arm'
01-01 00:13:18.839 234 234 F DEBUG : pid: 1870, tid: 2272, name: generic >>> /system/bin/mediaserver <<<
01-01 00:13:18.839 234 234 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xb3f80000
01-01 00:13:18.839 535 673 W NativeCrashListener: Couldn't find ProcessRecord for pid 1870
01-01 00:13:18.851 234 234 F DEBUG : r0 b3f7ffc0 r1 b3f7ffe1 r2 ffff029a r3 00000004
01-01 00:13:18.851 234 234 E DEBUG : AM write failed: Broken pipe
01-01 00:13:18.851 234 234 F DEBUG : r4 b39803b0 r5 00000000 r6 0000be4b r7 0000000e
01-01 00:13:18.851 234 234 F DEBUG : r8 0000000f r9 00000008 sl 0000be42 fp 00000004
01-01 00:13:18.851 234 234 F DEBUG : ip 80000000 sp b3980338 lr b37f56cd pc b6a7b68c cpsr a00f0030
01-01 00:13:18.872 234 234 F DEBUG :
01-01 00:13:18.872 234 234 F DEBUG : backtrace:
01-01 00:13:18.872 234 234 F DEBUG : #00 pc 0001768c /system/lib/libc.so (__memcpy_base+111)
01-01 00:13:18.873 234 234 F DEBUG : #01 pc 000206c9 /system/lib/lib_mp4_parser_arm11_elinux.3.0.so (UnsyncRemoveV2_4+184)
01-01 00:13:18.873 234 234 F DEBUG : #02 pc 000207fd /system/lib/lib_mp4_parser_arm11_elinux.3.0.so (ID3V2Parse+164)
01-01 00:13:18.873 234 234 F DEBUG : #03 pc 0001e3e1 /system/lib/lib_mp4_parser_arm11_elinux.3.0.so

The lib_mp4_parser_arm11_elinux.3.0.so is a library, we don't have source code to analyse.

I found other guys have similar problem on imx6q with Lollipop L5.1.1_2.0.0 after searching the community.

Stagefright vulnerability (CVE-2015-6603) exists in lib_mp4_parser_arm11_elinux.3.0.so 

Is there a updated for Marshmallow(M6.0.1_2.0.0) at present?

Labels (1)
Labels
Tags (3)
0 Kudos
Reply
1 Reply

‎05-26-2017 01:22 AM
533 Views
art
NXP Employee
NXP Employee

Q. Is there a updated for Marshmallow(M6.0.1_2.0.0) at present?

A. Unfortunately, no, there is no fix for the issue exists at present.

Best Regards,

Artur

0 Kudos
Reply