vendor:
Samsung Android Professional Audio
by:
Google Project Zero
7.5
CVSS
HIGH
Privilege Escalation
269
CWE
Product Name: Samsung Android Professional Audio
Affected Version From: Not provided
Affected Version To: Not provided
Patch Exists: NO
Related CWE: Not provided
CPE: Not provided
Platforms Tested: Android
2020
Usermode Audio Subsystem Privilege Escalation
The usermode audio subsystem for the "Samsung Android Professional Audio" is based on JACK, which appears to be designed for single-user usage. The shared memory implementation allows any application to access/modify/map shared memory pages used by JACK, regardless of which application created those shared memory pages. This allows an attacker to corrupt the internal state of shared-memory backed objects and modify values without validation, potentially leading to privilege escalation.
Mitigation:
It is necessary to review all uses of variables stored in the shared memory interfaces to ensure proper validation and security. A patch may be required to fix this vulnerability.